URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Submission: On October 13 via manual from SA — Scanned from DE

Summary

This website contacted 103 IPs in 7 countries across 92 domains to perform 520 HTTP transactions. The main IP is 52.222.236.30, located in United States and belongs to AMAZON-02, US. The main domain is www.deseret.com. The Cisco Umbrella rank of the primary domain is 127605.
TLS certificate: Issued by Amazon RSA 2048 M01 on January 26th 2023. Valid for: a year.
This is the only time www.deseret.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Subject | Issuer | Validity | Valid
origin.deseret.production.chorus.brightspot.cloud | Amazon RSA 2048 M01 | 2023-01-26 - 2024-02-25 | a year
cookiepro.com | Cloudflare Inc ECC CA-3 | 2023-03-20 - 2024-03-19 | a year
use.typekit.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-21 - 2024-10-21 | a year
htlbid.com | Amazon RSA 2048 M01 | 2023-09-21 - 2024-10-18 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
*.adlightning.com | Amazon RSA 2048 M01 | 2023-07-08 - 2024-08-05 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-11 - 2024-04-10 | a year
*.google.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
*.outbrain.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-09 - 2024-02-11 | a year
onetrust.com | Cloudflare Inc ECC CA-3 | 2022-12-13 - 2023-12-13 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-07-23 - 2023-10-21 | 3 months
c.amazon-adsystem.com | Amazon RSA 2048 M01 | 2023-02-28 - 2024-02-17 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
restrainstorm.com | R3 | 2023-08-12 - 2023-11-10 | 3 months
deseretnews.coral.coralproject.net | GTS CA 1D4 | 2023-09-25 - 2023-12-24 | 3 months
static.adsafeprotected.com | Amazon RSA 2048 M02 | 2023-07-07 - 2024-08-04 | a year
quantserve.com | R3 | 2023-08-29 - 2023-11-27 | 3 months
*.scorecardresearch.com | Sectigo RSA Domain Validation Secure Server CA | 2022-12-15 - 2023-12-28 | a year
*.parsely.com | Amazon RSA 2048 M02 | 2023-05-06 - 2024-06-03 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2023-04-12 - 2024-05-13 | a year
*.vox-cdn.com | GlobalSign Atlas R3 DV TLS CA 2023 Q1 | 2023-01-15 - 2024-02-16 | a year
config.aps.amazon-adsystem.com | Amazon RSA 2048 M02 | 2023-02-20 - 2024-03-20 | a year
aax-dtb-mobile-cf.amazon-adsystem.com | Amazon RSA 2048 M01 | 2023-03-16 - 2024-03-08 | a year
www.google.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
www.google.de | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
*.s3.amazonaws.com | Amazon RSA 2048 M01 | 2023-03-21 - 2023-12-19 | 9 months
challenges.cloudflare.com | Cloudflare Inc ECC CA-3 | 2023-08-18 - 2024-08-17 | a year
misc-sni.google.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
*.outbrainimg.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-03-02 - 2024-03-02 | a year
*.saambaa.com | Go Daddy Secure Certificate Authority - G2 | 2023-04-03 - 2024-05-04 | a year
*.gstatic.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
app1.mirabelanalytics.com | Go Daddy Secure Certificate Authority - G2 | 2023-01-17 - 2024-02-14 | a year
*.mirabelsmarketingmanager.com | Go Daddy Secure Certificate Authority - G2 | 2022-10-03 - 2023-11-04 | a year
api.emailsnow.info | R3 | 2023-09-22 - 2023-12-21 | 3 months
*.aniview.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-09-11 - 2024-09-11 | a year
*.eu-1-id5-sync.com | R3 | 2023-09-01 - 2023-11-30 | 3 months
*.vidazoo.com | Sectigo RSA Domain Validation Secure Server CA | 2023-03-12 - 2024-04-03 | a year
*.id5-sync.com | R3 | 2023-09-01 - 2023-11-30 | 3 months
*.gcprivacy.com | Amazon RSA 2048 M01 | 2023-02-23 - 2024-01-01 | 10 months
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-03-05 - 2024-04-03 | a year
*.googleadservices.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2023-07-16 - 2024-07-16 | a year
*.targeting.unrulymedia.com | Sectigo RSA Domain Validation Secure Server CA | 2023-05-10 - 2024-05-10 | a year
*.go.sonobi.com | Go Daddy Secure Certificate Authority - G2 | 2022-12-06 - 2024-01-07 | a year
*.lijit.com | Go Daddy Secure Certificate Authority - G2 | 2023-05-06 - 2024-05-04 | a year
casalemedia.com | Cloudflare Inc ECC CA-3 | 2023-05-21 - 2024-05-20 | a year
*.a-mo.net | R3 | 2023-10-06 - 2024-01-04 | 3 months
*.yieldmo.com | Amazon RSA 2048 M01 | 2023-04-04 - 2024-05-02 | a year
*.pubmatic.com | DigiCert Baltimore TLS RSA SHA256 2020 CA1 | 2023-04-20 - 2024-05-20 | a year
indexww.com | Cloudflare Inc ECC CA-3 | 2023-09-05 - 2024-09-03 | a year
d.adroll.com | Amazon RSA 2048 M01 | 2023-10-09 - 2024-11-07 | a year
*.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-26 - 2023-12-23 | 3 months
aax-eu.amazon-adsystem.com | Amazon RSA 2048 M01 | 2023-06-21 - 2024-03-02 | 8 months
*.everesttech.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-08-11 - 2024-09-11 | a year
public1.adgear.com | Sectigo RSA Domain Validation Secure Server CA | 2023-03-03 - 2024-03-31 | a year
*.ctnsnet.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-01-04 - 2023-11-06 | 10 months
*.iprom.net | R3 | 2023-08-16 - 2023-11-14 | 3 months
*.crwdcntrl.net | Amazon RSA 2048 M02 | 2023-10-08 - 2024-11-06 | a year
*.simpli.fi | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-07 - 2023-12-08 | a year
*.ybp.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2023-08-29 - 2024-02-21 | 6 months
ups.analytics.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2023-08-03 - 2024-01-24 | 6 months
*.sitescout.com | GeoTrust Global TLS RSA4096 SHA256 2022 CA1 | 2023-01-09 - 2024-02-02 | a year
*.dotomi.com | GlobalSign RSA OV SSL CA 2018 | 2023-08-15 - 2024-09-15 | a year

This page contains 62 frames:

Primary Page: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Frame ID: DD1AD59FA843FE1CAC181F8349DB2EE9
Requests: 211 HTTP requests in this frame


Frame: https://tagan.adlightning.com/deseretdigital/bl-34df212-55348960.js
Frame ID: 0D04E9B42D3E79A7C9CF08E24F614403
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E9C892701DC11CB7430747FFE27AF4E4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A8CCCA8692938871DCDEC216FA0A0A95
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 67E7E2B45A61D5AE449AE5EC67DED3F7
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2075C6A09AD895273FED379DAD127159
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 6EEFBC68F0FBDE5315618699C9AD04D7
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 5A3B4A8A214BCA9BF797542253CE8186
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Frame ID: 3363E8B2DE2DB96C4A6C26A055E2474F
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=4198791690&pi=t.ma~as.RON_300x250_House&w=300&lmt=1697211373&url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697218572900&bpp=179&bdt=376&idt=385&shv=r20231011&mjsv=m202310040101&ptt=5&saldr=sd&cookie=ID%3D73cbd3e445d0b158-22ad1e73d6e7006f%3AT%3D1697218566%3ART%3D1697218569%3AS%3DALNI_MbmmAvVybUAJTPLvS0nsd_wFab16A&gpic=UID%3D00000c9791d8bde3%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_MYcNdJCko0qIgnfIPVSyO_M5mg1Uw&correlator=1464624138789&frm=23&ife=4&pv=1&ga_vid=1727420462.1697218566&ga_sid=1697218573&ga_hid=1361919658&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=779&biw=1600&bih=1200&isw=300&ish=250&ifk=1414285183&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31078363%2C31078600%2C44785292%2C44795921%2C44805099%2C44805336%2C31078301&oid=2&pvsid=1811280213203266&tmod=1665545535&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.z4sv2yy7ysa5&fsb=1&dtd=403
Frame ID: 1F54CBCD21000240FB5705BDDBACC84D
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/bl-34df212-55348960.js
Frame ID: E1831A8386C4B26A96CBE284509E0395
Requests: 13 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 3E49E95C6FA19E45D81C3E512C629CD3
Requests: 10 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 3DBC9A9B42B2CEA739542006E26312A2
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C2816F61-3F27-4BD9-A182-4BC52AEB1678&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 424E839B32F135189BF1B9CA8596B5E2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Nar6kjuv-J0uqPDJNarlnmeu_cou_f6TZfnsJI0p
Frame ID: 0B9A28A61A9FE739BE45FF22F7FB861A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2152010090563711636&gdpr=0&gdpr_consent=
Frame ID: E923F7919093BAFB9B97538B034F478F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7289498269495064724&gdpr=0&gdpr_consent=
Frame ID: F894FA2F663A956D7D252AED8DF25D71
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c6ff1d08-9578-45d0-b385-dc426ad5b3e9&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 52CF7D570D777798F06F51E2D1C5D5B4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VoJCl8w3UtFGYzoFkblkWFD_B2k&gdpr=0&gdpr_consent=
Frame ID: 2019DF799FD5FC0E316113E5722F4FC3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Frame ID: B76B338ED92B2A7A1107BD838FDD2730
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZSmADgAXneS10wAb
Frame ID: AE0D6145EB2E83F407128C21AFD7757B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEqFU7KUwAAABjTiSzwQg&gdpr=0&gdpr_consent=
Frame ID: DBB2E5DA55C619A23F54FA35A3E520B2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: B68EECE1C33B3C6670150B2B701CBF69
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUf0a1abacc1344af98bb3f9b1cbbce485
Frame ID: 65F2BB100123952E92E3AD63F4F0E7D1
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 884E7E4FFC6B641FACF7E2A1B5A2B3C7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8926402306414133288
Frame ID: 07D098C2EBE6AEF040F479B354AE07C1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588526877986703
Frame ID: F15E75D68173E0B3F36BDC206EF32CB4
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 42655FA27311D089EE30DE53B6192A57
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: C6B2F5B772AA9B67AAD29201355AF831
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 097E3F95AB5268183E97606EF1C8D8AE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYUMnXYMVXMjnWSVR&gdpr=0&gdpr_consent=
Frame ID: 54B7D634CA45893DE6F83F37097D49C4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 18F50AA2133AFE9191319EEC8D446EB8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F245EE9D77481883F441E6975B05A319
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=3171325993&pi=t.ma~as.RON_300x250_House&w=300&lmt=1697211374&url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697218573770&bpp=128&bdt=440&idt=345&shv=r20231011&mjsv=m202310100101&ptt=5&saldr=sd&cookie=ID%3D73cbd3e445d0b158-22ad1e73d6e7006f%3AT%3D1697218566%3ART%3D1697218569%3AS%3DALNI_MbmmAvVybUAJTPLvS0nsd_wFab16A&gpic=UID%3D00000c9791d8bde3%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_MYcNdJCko0qIgnfIPVSyO_M5mg1Uw&correlator=1464624138789&frm=23&ife=4&pv=1&ga_vid=1727420462.1697218566&ga_sid=1697218574&ga_hid=1505547067&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=779&biw=1600&bih=1200&isw=300&ish=250&ifk=794634326&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C31078594%2C44805098%2C44805333%2C44805681%2C31078772%2C31078773&oid=2&pvsid=188768659515533&tmod=895744978&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nkt55esxq4wl&fsb=1&dtd=359
Frame ID: 609DA5901276A2C470085809E399D6FC
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/bl-34df212-55348960.js
Frame ID: 546FD84D66094526A1EB214F4236105E
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F10BC868ED9DF83C1F775D0DBAA18328
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6B6B6388384AE89B4923A06C30332F31
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=3171331074&pi=t.ma~as.RON_300x250_House&w=300&lmt=1697211374&url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697218574519&bpp=175&bdt=369&idt=377&shv=r20231011&mjsv=m202310040101&ptt=5&saldr=sd&cookie=ID%3D73cbd3e445d0b158-22ad1e73d6e7006f%3AT%3D1697218566%3ART%3D1697218569%3AS%3DALNI_MbmmAvVybUAJTPLvS0nsd_wFab16A&gpic=UID%3D00000c9791d8bde3%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_MYcNdJCko0qIgnfIPVSyO_M5mg1Uw&correlator=1464624138789&frm=23&ife=4&pv=1&ga_vid=1727420462.1697218566&ga_sid=1697218575&ga_hid=1231010934&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=779&biw=1600&bih=1200&isw=300&ish=250&ifk=741832354&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C31078019%2C31078362%2C31078593%2C44795922%2C44804683%2C44805099%2C31078297%2C31078773&oid=2&pvsid=3696380480302931&tmod=1773186293&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8u1y6dp393lh&fsb=1&dtd=395
Frame ID: 2CF3DC3D38C969EAF54237B179D7FE05
Requests: 1 HTTP requests in this frame

Page Title

23andMe confirms hack - Deseret News

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.mouseflow\.com

Overall confidence: 100%
Detected patterns
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 520
HTTPS: 95 %
IPv6: 32 %
Domains: 92
Subdomains: 139
IPs: 103
Countries: 7
Transfer: 7923 kB
Size: 19105 kB
Cookies: 35

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64
  • https://cdn.mouseflow.com/projects/28b1e958-8657-4d54-a073-14408dcf4628.js HTTP 301
  • https://cdn.mouseflow.com/projects/28b1e958-8657-4d54-a073-14408dcf4628_eu.js
Request Chain 109
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=cf__reactTurnstileOnLoad&render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/dffb14d6/api.js?onload=cf__reactTurnstileOnLoad&render=explicit
Request Chain 262
  • https://sb.scorecardresearch.com/c2/16033947/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 419
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5144588526877986703
Request Chain 420
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=c6ff1d08-9578-45d0-b385-dc426ad5b3e9&google_hm=YzZmZjFkMDgtOTU3OC00NWQwLWIzODUtZGM0MjZhZDViM2U5 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDxPIaY1rEkfelxZU3hjhBE&google_cver=1&ssp=sonobi&bsw_param=c6ff1d08-9578-45d0-b385-dc426ad5b3e9
Request Chain 421
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=Kk4Q9XzeedD4KnZvw8d5&pi=sonobi&tc=1
Request Chain 422
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=9bd1696d-b702-41c6-8907-6b63692ce4f9&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=dl9MYkl3bkUwa3VCdVBDcHB6bDFkQQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESENtIZgxVCzNIOXgryAfkEeY&google_cver=1
Request Chain 435
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 438
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSmADQ1vbrQA2WGyx2SooQAAFIwAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSmADQ1vbrQA2WGyx2SooQAAFIwAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 440
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZSmADQ1vbrQA2WGyx2SooQAAFIwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJjEGSSlPNoMv6bz-bnZWhY&google_cver=1
Request Chain 441
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZSmADQ1vbrQA2WGyx2SooQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIh6bshoj8tFa1t_GiauHE4&google_cver=1
Request Chain 443
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=5e1c385f-940e-4aca-9e97-01fc97f934ce&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 444
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=RCPc093d1QRm585
Request Chain 445
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D190%26external_user_id%3D%24UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2152010090563711636
Request Chain 462
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C2816F61-3F27-4BD9-A182-4BC52AEB1678&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C2816F61-3F27-4BD9-A182-4BC52AEB1678&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 463
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Nar6kjuv-J0uqPDJNarlnmeu_cou_f6TZfnsJI0p
Request Chain 464
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2152010090563711636&gdpr=0&gdpr_consent=
Request Chain 465
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7289498269495064724&gdpr=0&gdpr_consent=
Request Chain 466
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c6ff1d08-9578-45d0-b385-dc426ad5b3e9&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=24891e47-09fa-4a2c-bafc-adfd2ff4ced2&expires=1&user_group=2&ssp=pubmatic&bsw_param=c6ff1d08-9578-45d0-b385-dc426ad5b3e9&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c6ff1d08-9578-45d0-b385-dc426ad5b3e9&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 467
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VoJCl8w3UtFGYzoFkblkWFD_B2k&gdpr=0&gdpr_consent=
Request Chain 468
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 469
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZSmADgAXneS10wAb
Request Chain 470
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFcUZVN0tVd0FBQUJqVGlTendRZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEqFU7KUwAAABjTiSzwQg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=9043595632750379260&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAEqFU7KUwAAABjTiSzwQg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D9043595632750379260%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=9043595632750379260&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAEqFU7KUwAAABjTiSzwQg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEqFU7KUwAAABjTiSzwQg&gdpr=0&gdpr_consent=
Request Chain 471
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 472
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUf0a1abacc1344af98bb3f9b1cbbce485
Request Chain 474
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8926402306414133288
Request Chain 475
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588526877986703
Request Chain 479
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNrGB8F9IYUMnXYMVXMjnWSVR%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNrGB8F9IYUMnXYMVXMjnWSVR%2526gdpr%253D0%2526gdpr_consent%253D&xl8blockcheck=1 HTTP 302
  • https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=2c6b38ca2bf48886c4620f57e6ce5064&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DNrGB8F9IYUMnXYMVXMjnWSVR%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYUMnXYMVXMjnWSVR&gdpr=0&gdpr_consent=
Request Chain 480
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=woFvYT8nS9mhgkvFKusWeA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 482
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=385060757
Request Chain 483
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=C2816F61-3F27-4BD9-A182-4BC52AEB1678 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZTdnYUtMYnhVaHpUY3VQdGROQ2RhSk83QQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=6865142194354540222&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 484
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzI4MTZGNjEtM0YyNy00QkQ5LUExODItNEJDNTJBRUIxNjc4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 485
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELmKY2gcT27L4ulHDnBp8TY&google_cver=1
Request Chain 487
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6865142194354540222
Request Chain 492
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3388646453142148623&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 494
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:61dab23d-3d53-41ba-b9bb-b6af31146629&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

520 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request 23andme-hack
Path: www.deseret.com/u-s-world/2023/10/11/23913095/
Size: 110 KB
x-fer: 27 KB
Type: Document

General
Full URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.30, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-52-222-236-30.fra56.r.cloudfront.net
Software: istio-envoy / Brightspot
Resource Hash: ad8b9ded54ab5f4ac8d85fdcf732d263a16f48b1ecf80fa12ea8c8a7a5af1841

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 91
content-encoding: gzip
content-length: 27480
content-type: text/html;charset=UTF-8
date: Fri, 13 Oct 2023 17:34:33 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
x-amz-cf-id: nGZg1n_023osBRvJSjhhHcETUvvnqoBkaB1XruOZUEw9TajU-504Rw==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-envoy-decorator-operation: brightspot-cms-verify.deseret.svc.cluster.local:80/*
x-envoy-upstream-service-time: 176
x-powered-by: Brightspot

OtAutoBlock.js
Path: cookie-cdn.cookiepro.com/consent/f7029bfa-4907-411f-b3ea-2327c44ae364/
Size: 11 KB
x-fer: 3 KB
Type: Script

General
Full URL: https://cookie-cdn.cookiepro.com/consent/f7029bfa-4907-411f-b3ea-2327c44ae364/OtAutoBlock.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2894, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash: 1691528e16358e4a55f27a5960fdb5c5cfc05671e6682aa5d28ce102f483e758

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 13 Oct 2023 17:36:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: Tir0qK8nCZjoJmsFueP6dw==
age: 61299
x-ms-lease-status: unlocked
last-modified: Mon, 26 Jun 2023 19:15:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3cba9668-501e-00b6-3562-a84a3b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 815957c058152be5-FRA
otSDKStub.js
cookie-cdn.cookiepro.com/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d62ad0f23c60258f120e52cf68b2e1adff5c1bf5bde5ac8f8d6e5f4c4c64f34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Oct 2023 17:36:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
h6ThlO7ea17v6JNPXbI1zQ==
age
85213
x-ms-lease-status
unlocked
last-modified
Thu, 28 Sep 2023 05:11:02 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1d1b1645-a01e-001b-7c3a-f2064e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
815957c058132be5-FRA
expires
Sat, 14 Oct 2023 17:36:05 GMT
qzq4qkv.css
use.typekit.net/
5 KB
1 KB
Stylesheet
General
Full URL
https://use.typekit.net/qzq4qkv.css
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
18e417acc2170bc5559488138d56f4d308d36104a26eff8c23dd2cb371ab514a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Fri, 13 Oct 2023 17:36:05 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
890
All.min.ba186237bf972f8038809f4e5a1dd24c.gz.css
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/
330 KB
44 KB
Stylesheet
General
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.ba186237bf972f8038809f4e5a1dd24c.gz.css?v=1212
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
143.204.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3be3ea27f1cc3f395b7ca23f048103f9c253c61a4e3391ec6a0201c6833ce4be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 00:44:26 GMT
content-encoding
gzip
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified
Wed, 20 Sep 2023 15:47:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
1183900
etag
"d32767613146390924211d2e6ad552d6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
44655
x-amz-cf-id
4HKGO5y6_8eZzKAMliqn5xZLpXnwcrii8jDWQ5sTlOLQDfkEEHRATQ==
webcomponents-loader.2938a610ca02c611209b1a5ba2884385.gz.js
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/webcomponents-loader/
2 KB
1 KB
Script
General
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/webcomponents-loader/webcomponents-loader.2938a610ca02c611209b1a5ba2884385.gz.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
143.204.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e524d44843e7d1c9ec644402f6d3c2b74655676f373b5c1338807c11afc2325e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 00:44:26 GMT
content-encoding
gzip
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified
Thu, 17 Feb 2022 23:47:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
1183900
etag
"15a442be7d06ec40170c3c91ac824065"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
999
x-amz-cf-id
sJ0P-XzMVE61crATlkz6-I6w64CGrL6eMhCAlxC0QankCqzeS5yvEw==
All.min.63baa46b878b908e122a755d549ee143.gz.js
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/
184 KB
57 KB
Script
General
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.63baa46b878b908e122a755d549ee143.gz.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
143.204.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86cbd186d5f518d881af44ace9a2d7afc7e354f5ce6c2d0a675da7161881f42e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 23:43:45 GMT
content-encoding
gzip
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified
Tue, 18 Jul 2023 23:19:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
1965141
etag
"3cc9eaf9e696f596cbbffebb7eb93d1e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
57611
x-amz-cf-id
webY6XlIJ_um6tQqA9aCKuryho2G7x7Y7BLPe0aXNMQLXn25jB7cDg==
htlbid.css
htlbid.com/v3/deseret.com/
4 KB
881 B
Stylesheet
General
Full URL
https://htlbid.com/v3/deseret.com/htlbid.css
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
18.239.36.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-79.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ade64b94b199f7eed364aed791007ad5ea08cb6b4d23d29a4e525eed6d546cc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:35:18 GMT
content-encoding
br
via
1.1 eefbd9216704235f6900c0fa85615204.cloudfront.net (CloudFront)
last-modified
Tue, 06 Jun 2023 18:26:03 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
48
x-amz-server-side-encryption
AES256
etag
W/"a18677c6faa95e37000068d366bbdeb4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=600
x-amz-cf-id
Idtpi2kIYjTO_1CLjUm5Wl0bqQXXVa1iYZPBcB5Yz1W7Ogg9QYAbjA==
htlbid.js
htlbid.com/v3/deseret.com/
356 KB
93 KB
Script
General
Full URL
https://htlbid.com/v3/deseret.com/htlbid.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
18.239.36.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-79.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d189f904a81929215a78710cd0337eab3adab4134c6b0650dc74962902da3e6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:35:18 GMT
content-encoding
br
via
1.1 eefbd9216704235f6900c0fa85615204.cloudfront.net (CloudFront)
last-modified
Tue, 06 Jun 2023 18:26:03 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
48
x-amz-server-side-encryption
AES256
etag
W/"90b905370f8bd50a600e0eab0962b367"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600
x-amz-cf-id
eMsE44l96QewbUi3JzoeQpZSmdQLenr7BoPmtGbAQ2DhEe13QktuBw==
gpt.js
www.googletagservices.com/tag/js/
90 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e29d4bfe55c57879b5c57a0560cf4ea68693428428e9a3951d5356b65eccd2b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29099
x-xss-protection
0
server
cafe
etag
325 / 19643 / 31078805 / config-hash: 8825080756604653567
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:05 GMT
op.js
tagan.adlightning.com/deseretdigital/
62 KB
26 KB
Script
General
Full URL
https://tagan.adlightning.com/deseretdigital/op.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eef02ba8163b3a25fd46d9b7004a52ea61dec32650d26f3dc62345bf16d6a570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
esakHOKxHMhs71z8_zc.99hbsLBAveDH
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
date
Fri, 13 Oct 2023 16:40:20 GMT
x-amz-cf-pop
FRA60-P4
age
3346
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25713
x-amz-meta-git_commit
e09f10f
last-modified
Fri, 13 Oct 2023 00:17:41 GMT
server
AmazonS3
etag
"1a264a746640af7e0ee6123d5e196cb8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
4YAHkzVp7zWol_SMliYiA2cVPoRLVxsxPfscSnQ6qzUrYuumuLOADw==
deseret-scripts.bsp.min.js
uploads.deseret.com/scripts/
230 KB
75 KB
Script
General
Full URL
https://uploads.deseret.com/scripts/deseret-scripts.bsp.min.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:10::6816:1971 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43ee8d49b779f7ba1212ac242d044b06995064a69dc32164f8e3301524d5c203

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:05 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 26 Sep 2023 17:15:49 GMT
server
cloudflare
x-amz-request-id
42H47HGVNZC4VH0D
age
4919
etag
W/"9277e0c082bc4b55d084eb25590a2440"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=14400
cf-ray
815957c2fba34d37-FRA
x-amz-id-2
DuFdIxxpJbCHzkBEOQrIqV0N4tl6MY4X7Ho66WY7jM2EZ2PluoQwabKtuTVUtFBHvIC783YNF7c=
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bce50a6c3baaeb81c86f575125a959fdb1ffc5bb7a3bec2452503fda239ba4d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Fri, 13 Oct 2023 17:36:05 GMT
Benton_Sans_Regular.a86565d35df3a9fb1e50b963cbf97a13.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/
75 KB
75 KB
Font
General
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Regular.a86565d35df3a9fb1e50b963cbf97a13.woff2
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
143.204.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66f0dc601980210348b662950393979dddd60cd7d71deec55d52d33dba6480bd

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 00:41:12 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
1184094
x-cache
Hit from cloudfront
content-length
76568
last-modified
Thu, 17 Feb 2022 23:47:56 GMT
server
AmazonS3
etag
"f6743a187328e0bf82aeda554e81482c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
_EuRX4yP4LnoQlEe3YX5ejXhX7VrEO39EtyFWjUTkDGd4mfCy_Woqw==
Benton_Sans_Bold.8cb714e2e55e898768c36431818db72f.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/
73 KB
73 KB
Font
General
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Bold.8cb714e2e55e898768c36431818db72f.woff2
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
143.204.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2a94eb1d42e17433281e0b974340f4d2efc5ef5033d0d4af074a96012c6ba1d

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 23:20:36 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
1793730
x-cache
Hit from cloudfront
content-length
74663
last-modified
Thu, 17 Feb 2022 23:47:56 GMT
server
AmazonS3
etag
"d6b2f91fd8fea5cf04d2cffb91358fa7"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
W7RovWFk725IzZffyHcck0_SRbbSw5iuMyvEOVU3xhqa0P_QGiiqDw==
Benton_Sans_Condensed_Medium.bb363d55467296410f913b84056528f9.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/
80 KB
81 KB
Font
General
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Condensed_Medium.bb363d55467296410f913b84056528f9.woff2
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
143.204.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7be8d23faf8e20f95b11c1a6b936f8e7fab5edfe166294fa5cbddd5f4aee8dbc

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 00:44:26 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
1183900
x-cache
Hit from cloudfront
content-length
82104
last-modified
Thu, 17 Feb 2022 23:47:57 GMT
server
AmazonS3
etag
"d0db157337143c199a26534b83cf3209"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
-mItIGo6qAe1zB_wGVS9tDICHnmC-CY7Rd01uqts1-jGhS8Qi8cYiA==
Poynter_Oldstyle_Display_Bold.26cefedcab11054b85987ff2f992a2c5.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/
46 KB
47 KB
Font
General
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Display_Bold.26cefedcab11054b85987ff2f992a2c5.woff2
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
143.204.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a95d7230e92fa3f5e49d0a98b70db47eca288aa80c32e7aa463fbf0887ed6648

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 00:44:26 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
1183900
x-cache
Hit from cloudfront
content-length
47611
last-modified
Thu, 17 Feb 2022 23:47:57 GMT
server
AmazonS3
etag
"4d9e86bc030f11c019ff00eb6acd78f4"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
7_PwpqZf-4CJ9tPxe4vEZaUCnPVHvH8EzRytCvMXJihaexnb1XIw2g==
Poynter_Oldstyle_Text_Italic.9f7066049b8a07ca0e905ba46c8645f4.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/
59 KB
60 KB
Font
General
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Italic.9f7066049b8a07ca0e905ba46c8645f4.woff2
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
143.204.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2dcf4e292cf679e2c8530bc37a6f23979b184ba573845ddbb1e9d595a554227

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 19:25:08 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
1894258
x-cache
Hit from cloudfront
content-length
60787
last-modified
Thu, 17 Feb 2022 23:47:57 GMT
server
AmazonS3
etag
"752938771efdce1e27b5387be02c2bcc"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
8_yCy6yBDUlVTV1ICBvrfmsl_NlYk4hNTRhFYH1vvq0iUnwMD63m-w==
Poynter_Oldstyle_Text_Roman.7d4d83ea55695b66b9beb992fadfb14b.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/
60 KB
60 KB
Font
General
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Roman.7d4d83ea55695b66b9beb992fadfb14b.woff2
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
143.204.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a09d02e6d88797dbde0e92bbca6e534dbe41f4add18f56f2e10ab3ae98dca0a6

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:40:33 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
953733
x-cache
Hit from cloudfront
content-length
61012
last-modified
Thu, 17 Feb 2022 23:47:58 GMT
server
AmazonS3
etag
"1dc88c1f4c13b4a7444f0c52628d8cf2"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
--eRl-bty-MSNPkvWJTpmUrtaUB7YS-ZMUeuUx0S4BDuvcf4y5BQ6Q==
Poynter_Oldstyle_Text_Bold.401d3b047965b9833f0ef9a4299972b2.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/
60 KB
60 KB
Font
General
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Bold.401d3b047965b9833f0ef9a4299972b2.woff2
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
143.204.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f7845baf48f3b8c34aad7cdfabdbde46cdefcd61f5843bb8e485ecd17b35381

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 00:44:26 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
1183900
x-cache
Hit from cloudfront
content-length
61221
last-modified
Thu, 17 Feb 2022 23:47:58 GMT
server
AmazonS3
etag
"878d3707418d2a777352b5a61447448e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
xKBYvtAaIlwGJcCOqeoLBRF7wgWGR-LsOqUGJf2SZmeVGg7Y_lD7WQ==
Benton_Sans_Regular.409a2ac6bc1aa08eb312bd751e5b8f40.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/
101 KB
101 KB
Font
General
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Regular.409a2ac6bc1aa08eb312bd751e5b8f40.woff
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
143.204.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bcc5776e9fae4fdacc876c8fec1a448df437dbcb9c79920384bd88d8cebb3869

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 11:53:00 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
1489386
x-cache
Hit from cloudfront
content-length
103205
last-modified
Wed, 25 May 2022 18:26:51 GMT
server
AmazonS3
etag
"dc0e0fc6f3d76709193bbed5251160f8"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-font-woff
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
gDx914UpqobAJyp7rv3Xg6y4TawT7FfKyvtjAU-WSg31JH6s96j0GA==
Benton_Sans_Bold.d49a5ce3e771acb6ef7780dfb8628852.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/
98 KB
99 KB
Font
General
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Bold.d49a5ce3e771acb6ef7780dfb8628852.woff
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
143.204.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
69ad3aa28d82aca629d5970eb80b68d85111d458e08fe3eae014ed8cc509637a

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 17:47:00 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
1122546
x-cache
Hit from cloudfront
content-length
100842
last-modified
Wed, 25 May 2022 18:26:52 GMT
server
AmazonS3
etag
"f877dc687a87566a2fb8dae0a4990b93"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-font-woff
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
eRY_ZLL1ppn-J0rI9kkcl3OffWmMyXK3vW4KQn-HQZX2rXOJ3JV5Gw==
Benton_Sans_Condensed_Medium.93a6c93a1977e45c6c8110ece8b4b5d0.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/
109 KB
109 KB
Font
General
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Condensed_Medium.93a6c93a1977e45c6c8110ece8b4b5d0.woff
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
143.204.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eabb880277c8644d8b8d3134cc8649109692ee1d1d4ca460374dd7cd97c9271b

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 19:25:07 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
1894259
x-cache
Hit from cloudfront
content-length
111108
last-modified
Wed, 25 May 2022 18:26:52 GMT
server
AmazonS3
etag
"20ed51646fe20feb81c38d16459545c7"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-font-woff
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
qxwkkw3SZMBkJoYR_JQL536twSEiGLK0x-fmlioMr0i0kquE7UdJ9w==
Poynter_Oldstyle_Display_Bold.3ae2bb4526d6e998f6f95c1227253d91.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/
62 KB
62 KB
Font
General
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Display_Bold.3ae2bb4526d6e998f6f95c1227253d91.woff
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3e1d573601ec8fc04b7410e8593284ffce7fbcc2148ce3070349b6218a40d1f

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 00:44:26 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
1183900
x-cache
Hit from cloudfront
content-length
63207
last-modified
Wed, 25 May 2022 18:26:53 GMT
server
AmazonS3
etag
"1a399b504bfc628afade8572bcac1b9f"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-font-woff
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
iiPaeqR6o24EI5PeKe5MvgckYzXNXvS7MsjyjyS3rq9Vz4N07qDqEw==
Poynter_Oldstyle_Text_Italic.1852359a620808c5c15d4adc10b281d9.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/
75 KB
75 KB
Font
General
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Italic.1852359a620808c5c15d4adc10b281d9.woff
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a6d8efcec4beb19fdcb6e14e5ae504451a3d846afe70c26c79825c9b9121a9be

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 00:44:26 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
1183900
x-cache
Hit from cloudfront
content-length
76745
last-modified
Wed, 25 May 2022 18:26:53 GMT
server
AmazonS3
etag
"002ec9b19e3a826a9001a395312bacc2"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-font-woff
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
dmLC8SciKyexKL0X1d5twEjtuWPaL4T2hnBbMHXwcal6UnbbVa3nDA==
Poynter_Oldstyle_Text_Roman.a3e2828fcd9d3b031c3d3e07aea3d55e.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/
74 KB
75 KB
Font
General
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Roman.a3e2828fcd9d3b031c3d3e07aea3d55e.woff
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
96f1bf7e1c0ac4c3310832746a1a8887970155a1de90935c488b05a0c2c73c1e

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 00:44:26 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
1183900
x-cache
Hit from cloudfront
content-length
76278
last-modified
Wed, 25 May 2022 18:26:53 GMT
server
AmazonS3
etag
"544e553d046beae465d90cbede131aa7"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-font-woff
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
mde2q3h_ahAZqVwBU97mKJ_g4npGUwINAkUo0ByXkLvu8xa7sxGiNQ==
Poynter_Oldstyle_Text_Bold.5151938f16d42d400f1b1b6cf8ce28b0.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/
75 KB
76 KB
Font
General
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Bold.5151938f16d42d400f1b1b6cf8ce28b0.woff
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb6d8677f4fe82deb229a4a4123c46c3378a92cf5e17f4844dcf430dd1ff6b45

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:36:09 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
1958397
x-cache
Hit from cloudfront
content-length
77143
last-modified
Wed, 25 May 2022 18:26:54 GMT
server
AmazonS3
etag
"eb6b6b4a47bbbb92360446b2b945de30"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-font-woff
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
s5_jo5LtP43IZkU5FoMKWgoR3I3wqOnH1EdkBfc8XDbN3N1fKwE_Zw==
deseret.svg
deseret.brightspotcdn.com/a8/e0/1f3859ae45049aa4e408a6134060/
5 KB
5 KB
Image
General
Full URL
https://deseret.brightspotcdn.com/a8/e0/1f3859ae45049aa4e408a6134060/deseret.svg
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e56d46b73d36a4cd2959b5163de05df3f69ed1a27f99ffed7bd73089ba7ab88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 17:47:50 GMT
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified
Fri, 18 Feb 2022 13:41:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
1122496
etag
"96da6f127c1dfe20cd4dd8043d3b2711"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
5129
x-amz-cf-id
S2srePgKBYQTZ_LDucmI9dQwuDNTYTGFrJbt81yW8Px9PbvPLwsHqw==
outbrain.js
widgets.outbrain.com/
233 KB
85 KB
Script
General
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-97-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
943af193bd52ff371de8563ac4c37515d4604d929cadb9fce6ea5b59bde63195

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:05 GMT
content-encoding
gzip
last-modified
Wed, 11 Oct 2023 10:09:06 GMT
etag
"24-w91KBn6x/Xzttbr3OLRAhld7TX0"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14500
access-control-allow-credentials
false
x-traceid
9b3d2d983d57df1c99339710c0443fe2
timing-allow-origin
*, *
content-length
86208
access-control-request-headers
X-OB-STG,X-OB-PRD
deseret-all-white.svg
deseret.brightspotcdn.com/f5/3a/e18fad7149db9774e45b66febd3e/
6 KB
6 KB
Image
General
Full URL
https://deseret.brightspotcdn.com/f5/3a/e18fad7149db9774e45b66febd3e/deseret-all-white.svg
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb0937c8795554e0837a02e3c17fc431c8665d70b631fd4bc285e8c10e5e22a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 23:11:54 GMT
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified
Fri, 18 Feb 2022 17:21:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
1967051
etag
"1e425a1d2e93778d611f9b7683f6837e"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
6126
x-amz-cf-id
abxFlmds2S4M54MwgR-GMKdEFgvc_QF26INAIUFVF_7SSGLd4BTDGw==
bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/_resource/analytics/
9 KB
3 KB
Script
General
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 00:20:25 GMT
content-encoding
gzip
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified
Thu, 17 Feb 2022 23:47:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
1185341
etag
"c066757a8992615b576ac565d39d182d"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3003
x-amz-cf-id
msjuJzuluoPNIHvmVnSuCgMKPLVX2dXT2pbnmmnPWZJ0yk9uLNyXpQ==
f7029bfa-4907-411f-b3ea-2327c44ae364.json
cookie-cdn.cookiepro.com/consent/f7029bfa-4907-411f-b3ea-2327c44ae364/
4 KB
2 KB
XHR
General
Full URL
https://cookie-cdn.cookiepro.com/consent/f7029bfa-4907-411f-b3ea-2327c44ae364/f7029bfa-4907-411f-b3ea-2327c44ae364.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50e378c7aa7ad5b23df32fb96dd0f293cbaa9c51e72047aca49dfeb12b18990d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Oct 2023 17:36:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
c3HWtXP90yuZCcZp4eDixw==
age
33222
x-ms-lease-status
unlocked
last-modified
Mon, 26 Jun 2023 19:15:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e971da02-101e-006c-3962-a8d3da000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
815957c15dc030db-FRA
p.css
p.typekit.net/
5 B
172 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=qzq4qkv&ht=tk&f=30813.30814.30816.30818.30834.31040.31047&a=12600432&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:05 GMT
last-modified
Fri, 23 Jun 2023 17:09:47 GMT
server
nginx
etag
"6495d1db-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
78 B
325 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
792074561f2d94442c8648916f41fc6016817b61d554daa9c67301aeecca14bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
815957c2a8b218f5-FRA
access-control-allow-headers
Content-Type
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e67bc3d2fc5ef2434ba9ca9399ab2a31a334d9154395fc0a26309c91b7ebb2ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 13 Oct 2023 17:36:05 GMT
content-md5
vDesKTAo0/zQqZPvkrO2Aw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-debug
So6UCT7TMx+3I4tTxxxTpSR/dvH1sH69ipH1IJo34EQC617mRHfqQWYa9Lwyrz2CzvL/NJGobD6NhzENTW1Nzg==
x-fb-content-md5
6559b46934c5b37b0416fdf134e7c776
cross-origin-opener-policy
same-origin-allow-popups
etag
"492838e780d7c111471f1a587244fa83"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:53:35 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
90 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/deseret.com/htlbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56392ebad5b40a679bde656531d22e8618674cf8f8645503f050b2ad668c4ddf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29516
x-xss-protection
0
server
cafe
etag
565 / 19643 / m202310100101 / config-hash: 8825080756604653567
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:05 GMT
apstag.js
c.amazon-adsystem.com/aax2/
255 KB
63 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/deseret.com/htlbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:47:32 GMT
content-encoding
gzip
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 19:49:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
2914
x-amz-server-side-encryption
AES256
etag
W/"e1caada96468a3b669d0d0cc6ec9a23c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
IwNx3J1tSAH8NokDdd-eGjOinkRVoqwt68greZzmMvlK1eBDH20D5A==
gtm.js
www.googletagmanager.com/
285 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W9QHGH
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1c232482779afb68012302ae00dce5ecc143c6464a92d736cefdc83953ede202
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96317
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 13 Oct 2023 17:36:05 GMT
v2ghq4H8pSqsSE5TvCRMeg19JrcNjnOdwdTO_2xu06qvex-mky4fUPQk
restrainstorm.com/
68 KB
24 KB
Script
General
Full URL
https://restrainstorm.com/v2ghq4H8pSqsSE5TvCRMeg19JrcNjnOdwdTO_2xu06qvex-mky4fUPQk
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a38::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
013e4395a6169b4e790370f6b517031392fee14111dbe5f0a93c95948ea86ff5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Fri, 13 Oct 2023 17:36:05 GMT
x-datacenter
gce-europe-west1
etag
"d3521f7fcf533190214d0f569ce14e77d0b222977828af6d7a8b72655ca6cfa8"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-f2l1
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1033761249
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af8574c64eb8a1a24537fe67d1c22a775ddff60c52157b8922dae42caf91db97

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6228e761dcb43896055c3e8271b1e4dfd480df47f1ee88c57c1000b991e60c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
embed.js
deseretnews.coral.coralproject.net/assets/js/
105 KB
30 KB
Script
General
Full URL
https://deseretnews.coral.coralproject.net/assets/js/embed.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.156.29 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
29.156.244.35.bc.googleusercontent.com
Software
/
Resource Hash
b4f3ab950944fa63b849baf193524685abf48af8d46a8cc7b68d47489b072f8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 13 Oct 2023 17:15:58 GMT
via
1.1 google
age
1207
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30665
x-xss-protection
1; mode=block
x-trace-id
7abefd50-69dd-11ee-ac15-9f05e03f4ffd
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Jul 2023 20:18:22 GMT
etag
W/"77c9-1896fcdbeb0"
vary
Accept-Encoding
content-language
en-US
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800, s-max-age=604800
accept-ranges
bytes
228f7278b56ec5f4c512.8764e4dc5bb5d6dc0a7723926dadba3f.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/
41 KB
42 KB
Font
General
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/228f7278b56ec5f4c512.8764e4dc5bb5d6dc0a7723926dadba3f.woff2
Requested by
Host: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.ba186237bf972f8038809f4e5a1dd24c.gz.css?v=1212
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c98415225e2d798f63c5cf293cecc7e25003e2bfdd5c36a15131e481377d3a5

Request headers

Referer
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.ba186237bf972f8038809f4e5a1dd24c.gz.css?v=1212
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 11:50:33 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
1143933
x-cache
Hit from cloudfront
content-length
42200
last-modified
Thu, 17 Feb 2022 23:47:51 GMT
server
AmazonS3
etag
"9bbb521bbc889f7adbd15c91e025b3e9"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
lSG3tL9y2NgxlrLddfEGa9FShs5FJtznvWlsz98pDZro3HfXDGgMpg==
56873dddf01c173e6d7c.86be8971ac1519f2cfdf90b1b087eeaa.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/
26 KB
26 KB
Font
General
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/56873dddf01c173e6d7c.86be8971ac1519f2cfdf90b1b087eeaa.woff2
Requested by
Host: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.ba186237bf972f8038809f4e5a1dd24c.gz.css?v=1212
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aeac3df5ca446725ac4a984ed4b6172c3b3b1cec23d70cc45ec546863f792264

Request headers

Referer
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.ba186237bf972f8038809f4e5a1dd24c.gz.css?v=1212
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 17:50:07 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
1122359
x-cache
Hit from cloudfront
content-length
26436
last-modified
Thu, 17 Feb 2022 23:47:52 GMT
server
AmazonS3
etag
"03b913edebe839076662cf2c26e236e4"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
7PxYsQLW6wckeZHK6zEUMeXKby4QruVkFhMe3RTjzw6Qg15zQ33aLQ==
9a8d32d539073ef74f3e.64eccfd09cafb2704571be2d12cc225b.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/
33 KB
33 KB
Font
General
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/9a8d32d539073ef74f3e.64eccfd09cafb2704571be2d12cc225b.woff2
Requested by
Host: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.ba186237bf972f8038809f4e5a1dd24c.gz.css?v=1212
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f0b2df67130c20d3f75e473ccf941fc8fea7c029d15adf044af4df143c45b2c

Request headers

Referer
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.ba186237bf972f8038809f4e5a1dd24c.gz.css?v=1212
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:18:01 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
857884
x-cache
Hit from cloudfront
content-length
33672
last-modified
Thu, 17 Feb 2022 23:47:53 GMT
server
AmazonS3
etag
"14a8a2847cf9b842624f7e4974f4fcd0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
iI5fucB_59jcQGFzafgZw5VnAdzIwFNk9pmOoAZS-_cas5ByZnFrWA==
a9fcb7d84180304e8fe7.f07418e94d3ab3dc90c1135c26084266.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/
40 KB
41 KB
Font
General
Full URL
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/a9fcb7d84180304e8fe7.f07418e94d3ab3dc90c1135c26084266.woff2
Requested by
Host: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.ba186237bf972f8038809f4e5a1dd24c.gz.css?v=1212
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
36b2007c0fe0a0f968bd49d1d050bd46989db93585b00b39df19ffa3e164047f

Request headers

Referer
https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.ba186237bf972f8038809f4e5a1dd24c.gz.css?v=1212
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 17:50:07 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
1122359
x-cache
Hit from cloudfront
content-length
41444
last-modified
Thu, 17 Feb 2022 23:47:51 GMT
server
AmazonS3
etag
"d9f196409e9e47511b99a9e6ba9a3df7"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://www.deseret.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
3zXUbSsJOJAgEj5d1w4D-L-pBF33V95Ldbj8VJ2mNy7djTGIAU-lqQ==
truncated
/
87 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d37a519f3a04fe4c01c920f2ba0cf85283ebd419b5d101a606c5ee2b33f19b35

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
_track
www.deseret.com/
0
335 B
XHR
General
Full URL
https://www.deseret.com/_track
Requested by
Host: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-30.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 13 Oct 2023 17:36:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-decorator-operation
brightspot-cms-verify.deseret.svc.cluster.local:80/*
via
1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
x-amz-cf-id
kSKc3kChGiJqFJnmFpi_k-sCCnlA3cm9MpzM9gIEzE1F0-zFZrA0QA==
l
use.typekit.net/af/49ef66/00000000000000003b9b2cfc/27/
37 KB
37 KB
Font
General
Full URL
https://use.typekit.net/af/49ef66/00000000000000003b9b2cfc/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
351ba2ac20d28ffadb1115a6dd19d3a789cbd9d30d88630ca6d0a9a7fa6122d9

Request headers

Referer
https://use.typekit.net/qzq4qkv.css
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:05 GMT
server
nginx
etag
"cea691f813baff9c459e093daf1ff69d154fedc0"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
37980
otBannerSdk.js
cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/
404 KB
94 KB
Script
General
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/otBannerSdk.js
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Oct 2023 17:36:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
XJk1ZZTljtwHFT3qcIJg+w==
age
15666
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 01:34:32 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f6dfab97-701e-009e-5190-9a2b93000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
815957c31c632be5-FRA
expires
Sat, 14 Oct 2023 17:36:05 GMT
trending-web.json
api.deseret.com/
8 KB
3 KB
Fetch
General
Full URL
https://api.deseret.com/trending-web.json?d=2023-9-13-19
Requested by
Host: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.63baa46b878b908e122a755d549ee143.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f069a0f0b4056ba1b431f5aa399c57ed991731a43e3856aa7469a16cc313633a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:05 GMT
x-amz-version-id
JgkUwz8sjuIQSTOC6dWnOJj0aOYXO60G
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
5C4VMZ9VEM723MC6
age
6662
x-amz-id-2
r6aabMN6yQGC+0qWnvs5B+vDkLj4xfyt5NEjssSPqOjJMvtoVV+LjV0EZ4VdNY4bCJdsfahlUks=
last-modified
Fri, 13 Oct 2023 13:03:35 GMT
server
cloudflare
etag
W/"1c4bcd77e15cfe1c4dc23161c149a88c"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=120
cf-ray
815957c42c1e049f-FRA
/
deseret.brightspotcdn.com/dims4/default/47adb7f/2147483647/strip/true/crop/2109x1405+13+0/resize/1300x866!/format/webp/quality/90/
37 KB
37 KB
Image
General
Full URL
https://deseret.brightspotcdn.com/dims4/default/47adb7f/2147483647/strip/true/crop/2109x1405+13+0/resize/1300x866!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FkxMTzmT4W_xxOMIEjyT2RQhiocs%3D%2F0x0%3A2136x1405%2F2136x1405%2Ffilters%3Afocal%281068x703%3A1069x704%29%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F24009682%2Fmerlin_1665394.jpg
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
7ee592788078bc7852c8db9cc9dd169f52b028149518c7a7c05942717a8e32c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 21:12:37 GMT
x-envoy-decorator-operation
brightspot-dims-verify.deseret.svc.cluster.local:80/*
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA50-C1
age
159808
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
595
content-length
37582
x-amz-cf-id
MAt7bf7rShwM2LXqjEXCOhBidgwTWxd6mTGaVhEVgVVPYnAPa-e1ng==
expires
Thu, 10 Oct 2024 21:12:37 GMT
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/
79 KB
30 KB
Script
General
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 05:22:14 GMT
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
994432
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
QqGVeSYdU__2-mkOll5_HoNg2vk8cl6oW9OI__tmPN-O_XP9aaySFA==
bl-34df212-55348960.js
tagan.adlightning.com/deseretdigital/
58 KB
25 KB
Script
General
Full URL
https://tagan.adlightning.com/deseretdigital/bl-34df212-55348960.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7612bf30899c897f5dd4739769176e9ee77212be2f6c8c0dd3f91d97ca797197

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 00:22:46 GMT
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-version-id
5i.RvlsKGMbN9HpLe1Gw054ImJsyVWlI
x-amz-cf-pop
FRA60-P4
age
62000
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24640
x-amz-meta-git_commit
34df212
last-modified
Fri, 13 Oct 2023 00:17:10 GMT
server
AmazonS3
etag
"489748cf984112c1ef086729f57451e7"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Fnf-Qbg5gnOHoEoblYqGlOySKWOaGMBFlLs_QZDfzUxKDH4T839h2w==
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/webp
most-commented-stories.json
api.deseret.com/
4 KB
2 KB
Fetch
General
Full URL
https://api.deseret.com/most-commented-stories.json
Requested by
Host: uploads.deseret.com
URL: https://uploads.deseret.com/scripts/deseret-scripts.bsp.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e20ae929dfac5d9ed6a3714fba73fe1f292f5fccb74d2c3a0158a28494d81c5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:06 GMT
x-amz-version-id
.LQp0AV.pqwLfmzi_TX4sF9ht_ZXm1BS
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 13 Oct 2023 17:00:14 GMT
server
cloudflare
x-amz-request-id
Q8T027S21B4ZKG2J
etag
W/"4bca068b1a84fd4facbe3178028684a7"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=60
cf-ray
815957c4dcf4049f-FRA
x-amz-id-2
ymWltOzdJHT2iBgefsLQOYC2WBY5p7ka8t0CGWfC9jRLexRTvDKi1SN/Uqb2pQzeBP+1+KEUH3o=
sdk.js
connect.facebook.net/en_US/
304 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=dc3f8f9e8e5c932212dee9dfa98074f5
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
890000c9fb1f14ae2fe4e167c68c520d068b264fef51d4fbf11ac24af00f3baf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 13 Oct 2023 17:36:05 GMT
content-md5
RQSBlMK52NSDhEtsjIr84g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88122
x-fb-debug
CH1jF0mwWSQx16hK+4IJ6GJRckz6DWkszfFj9h5MjIT50nFU3eE6O1OtvfpWqCJiMS/MqJrYfIhLxT530CC2qw==
x-fb-content-md5
5f5ae5f48d50dfcb4ae2de6bbfe62319
cross-origin-opener-policy
same-origin-allow-popups
etag
"dff984adf40d91a4a3a16174f674c876"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 12 Oct 2024 16:48:26 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/
420 KB
132 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed217f84a2f42753409477460b63ce2ed71c6447b9ec89aa0abde7f42ae5bcf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:20:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
944
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134786
x-xss-protection
0
server
cafe
etag
13749274744457858240
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 12 Oct 2024 17:20:21 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/
43 B
371 B
Image
General
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-97-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Sun, 12 Nov 2023 17:36:05 GMT
date
Fri, 13 Oct 2023 17:36:05 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
access-control-request-headers
X-OB-STG,X-OB-PRD
skeleton.gif
static.adsafeprotected.com/
43 B
483 B
Image
General
Full URL
https://static.adsafeprotected.com/skeleton.gif?adslot=ad_300x250_6100134
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:9400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 28 May 2023 02:26:58 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
11977748
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
-83uy901Wga7KJWyTMN8d0xtsysiK7oMJMvEkQhvDxVJMX_0Nwkz4w==
quant.js
secure.quantserve.com/
22 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9QHGH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:06 GMT
content-encoding
gzip
etag
"6ioqmyHWSWLYz5hkRjy8Uw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 20 Oct 2023 17:36:06 GMT
fbevents.js
connect.facebook.net/en_US/
198 KB
53 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
325fab5a06017764ab5ff18c3e5d6c1625d3524cb2a077e58b902fb8f26d1c9a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 13 Oct 2023 17:36:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53364
x-xss-protection
0
pragma
public
x-fb-debug
r6n/XvZfXH7ZueacXU16Ht100H/6ySK3XkxiVQ5HCx4LxBPQyAlfQERHv+7SFcS5ikIwirEcrAYOzyGctZWuGQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
b
sb.scorecardresearch.com/
0
226 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=16033947&ns__t=1697218565916&ns_c=UTF-8&c8=23andMe%20confirms%20hack%20-%20Deseret%20News&c7=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&c9=
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-41.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:06 GMT
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
8rtPlH3ONMsADbTi67ZiMXpODlJx0XDIVCM1QOswWNidL9oS51rsug==
x-cache
Miss from cloudfront
p.js
cdn.parsely.com/keys/deseret.com/
69 KB
25 KB
Script
General
Full URL
https://cdn.parsely.com/keys/deseret.com/p.js?gtm_ver=3.1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9QHGH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.36.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-36-58.ams1.r.cloudfront.net
Software
nginx /
Resource Hash
c94ebc505ac53cbcf1dd0aa14f8ddb99e063d1fbb6757cf37d7ea27e543c199b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
public
date
Fri, 13 Oct 2023 07:19:06 GMT
content-encoding
gzip
via
1.1 74511018c757716e70d811d8214e45e0.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2023 15:08:34 GMT
server
nginx
x-amz-cf-pop
AMS1-P1
age
37321
etag
W/"641330f2-1154a"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
UZUVtUAfYrXeMxbDd72piRky4dNNJXiWpVa8PkrrZqw-WVwI9TJW_Q==
expires
Sat, 14 Oct 2023 07:14:05 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9QHGH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 13 Oct 2023 15:51:33 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6272
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 13 Oct 2023 17:51:33 GMT
28b1e958-8657-4d54-a073-14408dcf4628_eu.js
cdn.mouseflow.com/projects/
Redirect Chain
  • https://cdn.mouseflow.com/projects/28b1e958-8657-4d54-a073-14408dcf4628.js
  • https://cdn.mouseflow.com/projects/28b1e958-8657-4d54-a073-14408dcf4628_eu.js
195 KB
58 KB
Script
General
Full URL
https://cdn.mouseflow.com/projects/28b1e958-8657-4d54-a073-14408dcf4628_eu.js
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
HTTP/1.1
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Mouseflow /
Resource Hash
ba305343edd52d74dd02873ca26d69a284f57f1adf6c5160cb1bc2070c53463e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 17:36:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Cache-Status
HIT
Connection
keep-alive
Content-Length
58535
Last-Modified
Wed, 20 Sep 2023 08:04:54 GMT
Server
Mouseflow
ETag
W/"82a3e22399ebd91:0"
X-HW
1697218566.cds204.fr8.hn,1697218566.cds147.fr8.c
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Accept-Ranges
bytes
Keep-Alive
timeout=60

Redirect headers

Date
Fri, 13 Oct 2023 17:36:06 GMT
X-HW
1697218566.cds204.fr8.hn,1697218566.cds126.fr8.c
Location
https://cdn.mouseflow.com/projects/28b1e958-8657-4d54-a073-14408dcf4628_eu.js
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
X-HW-Loc
https://cdn.mouseflow.com/projects/28b1e958-8657-4d54-a073-14408dcf4628.js
Content-Length
0
deseret-scripts.min.js
uploads.deseret.com/scripts/
303 KB
94 KB
Script
General
Full URL
https://uploads.deseret.com/scripts/deseret-scripts.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9QHGH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1971 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0b23ade793431788119a23a7fac4cd47e6be57e3820a1ffd2a0a53a1320dc5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:05 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 26 Sep 2023 17:15:45 GMT
server
cloudflare
x-amz-request-id
7D7X4R2HGAHTJ2A3
age
7120
etag
W/"fe6e8f8a47fc595247d242428a95c98d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=14400
cf-ray
815957c53e954d37-FRA
x-amz-id-2
/afRIx665SBFXIXroGp7LUodu/z7bYHAPYgDw3Myb3ZNb+l/yxeH494xbAjy1iC4ikHISaUa/q0=
Asyncload.js
d1vg5xiq7qffdj.cloudfront.net/
20 KB
6 KB
Script
General
Full URL
https://d1vg5xiq7qffdj.cloudfront.net/Asyncload.js?fpkey=1020232&encsid=tf8ClPr38BM,&enccid=AFPv3kNG4Ik,&wsid=NDk5&trackingUrl=2PtuCvDuCGT5LwTmxa5wjl35YCAFpwehX6VzxWewIgs,
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:fa00:0:6f3c:65c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
72753bf20ed288ede24c8c12689fd3ec0aaaae976f5155d7b8d90eca316506b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 02:39:22 GMT
content-encoding
gzip
via
1.1 b23a8ff8d37f680e0dbac5e6c56145e2.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
age
745003
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
last-modified
Thu, 11 Feb 2021 17:53:16 GMT
server
Microsoft-IIS/10.0
etag
W/"d8aa53c69e0d71:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
access-control-allow-headers
Content-Type
x-amz-cf-id
X23S0obZORf044M5nBACB7Ofo8DSrmfLRHSzOg67BARyQeDVoSak1g==
up_loader.1.1.0.js
js.adsrvr.org/
5 KB
3 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9QHGH
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-15-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 03:51:17 GMT
Content-Encoding
gzip
Via
1.1 6f32a39163a1e36ace7a71a85e2d2884.cloudfront.net (CloudFront)
Last-Modified
Tue, 01 Aug 2023 20:10:44 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
49490
x-amz-server-side-encryption
AES256
ETag
W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
u9OJ3yd8tB8kwpLKcE_JeWXhrsUyGs7rKxFISiqV3Ey2wD23iO54Zw==
js
www.googletagmanager.com/gtag/
273 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YNRPD2MVFD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9QHGH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
49ca8e5fa6b43c735e1516fdaffdea804f9ecb858a4ffcd52999692f9d7832dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92269
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 13 Oct 2023 17:36:05 GMT
bootstrap
deseretnews.coral.coralproject.net/embed/
869 B
890 B
XHR
General
Full URL
https://deseretnews.coral.coralproject.net/embed/bootstrap
Requested by
Host: deseretnews.coral.coralproject.net
URL: https://deseretnews.coral.coralproject.net/assets/js/embed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.156.29 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
29.156.244.35.bc.googleusercontent.com
Software
/
Resource Hash
2b4fc28ac191e5290a5a14495b24cc1390d8838a6c5bc3046e3b2c95a1e4a476
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-trace-id
fce62c20-69ee-11ee-b2d2-d5f116cdfeb4
strict-transport-security
max-age=15552000
date
Fri, 13 Oct 2023 17:36:06 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
etag
W/"365-yBDQEpAJn78ak7ENqQqW6QCQpj0"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-language
en-US
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
869
x-xss-protection
1; mode=block
nate.jpg
cdn.vox-cdn.com/thumbor/azoeXedLpJ6-KldPbOixElwn75U=/0x0:3600x2400/800x533/filters:focal(1201x566:1202x567)/cdn.vox-cdn.com/uploads/chorus_asset/file/24397657/
41 KB
41 KB
Image
General
Full URL
https://cdn.vox-cdn.com/thumbor/azoeXedLpJ6-KldPbOixElwn75U=/0x0:3600x2400/800x533/filters:focal(1201x566:1202x567)/cdn.vox-cdn.com/uploads/chorus_asset/file/24397657/nate.jpg
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
8f8e9f5aa4d83fea7180263bbeffcd42350c2c9764864f405b0f8ff8b9670a45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-cache-hits
1
date
Fri, 13 Oct 2023 17:36:06 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
age
178509
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
42289
x-served-by
cache-fra-eddf8230048-FRA
server
Thumbor/6.7.0
x-timer
S1697218566.094007,VS0,VE2
etag
"d177c730fff271be7ad0db98f8038a98179e44fd"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Tue, 11 Oct 2033 04:00:56 GMT
merlin_1834296.jpg
cdn.vox-cdn.com/thumbor/NIaYiU-Hps2F4_iflO__D41ujr4=/0x0:1732x3000/800x533/filters:focal(957x883:958x884)/cdn.vox-cdn.com/uploads/chorus_asset/file/24997469/
76 KB
77 KB
Image
General
Full URL
https://cdn.vox-cdn.com/thumbor/NIaYiU-Hps2F4_iflO__D41ujr4=/0x0:1732x3000/800x533/filters:focal(957x883:958x884)/cdn.vox-cdn.com/uploads/chorus_asset/file/24997469/merlin_1834296.jpg
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
b775a1e494160c22782afd1d63c4786cf6e8c8247d3e253c4a2d09cadb4bde82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-cache-hits
1
date
Fri, 13 Oct 2023 17:36:06 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
age
27252
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
78039
x-served-by
cache-fra-eddf8230048-FRA
server
Thumbor/6.7.0
x-timer
S1697218566.094021,VS0,VE2
etag
"6fa20d076780059a51f4c9156ef4c1326122bde6"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Wed, 12 Oct 2033 22:01:54 GMT
AP23043755948567.jpg
cdn.vox-cdn.com/thumbor/zFloOhBOEIUMQpvXj5dHnG_T9Es=/0x0:5006x3337/800x533/filters:focal(2503x1669:2504x1670)/cdn.vox-cdn.com/uploads/chorus_asset/file/24974497/
50 KB
50 KB
Image
General
Full URL
https://cdn.vox-cdn.com/thumbor/zFloOhBOEIUMQpvXj5dHnG_T9Es=/0x0:5006x3337/800x533/filters:focal(2503x1669:2504x1670)/cdn.vox-cdn.com/uploads/chorus_asset/file/24974497/AP23043755948567.jpg
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
199f137333d3780365ef53daeb8c3424b8d377e61aa5ed04013ee01711195897
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-cache-hits
1
date
Fri, 13 Oct 2023 17:36:06 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
age
137200
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
50745
x-served-by
cache-fra-eddf8230048-FRA
server
Thumbor/6.7.0
x-timer
S1697218566.093861,VS0,VE3
etag
"a81ec4505b426d874a6be56e3a7b85f05ff8d5be"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Tue, 11 Oct 2033 15:29:25 GMT
merlin_1160461.jpg
cdn.vox-cdn.com/thumbor/FNgsSg2rRb-yR8CNRM20AcS1NNE=/0x0:632x475/800x533/filters:focal(326x270:327x271)/cdn.vox-cdn.com/uploads/chorus_asset/file/24994690/
86 KB
87 KB
Image
General
Full URL
https://cdn.vox-cdn.com/thumbor/FNgsSg2rRb-yR8CNRM20AcS1NNE=/0x0:632x475/800x533/filters:focal(326x270:327x271)/cdn.vox-cdn.com/uploads/chorus_asset/file/24994690/merlin_1160461.jpg
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
02aab0d8b1abadabb3962c05ba53612cf4773ca21a2b1bcf6ecb497eca54860b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-cache-hits
1
date
Fri, 13 Oct 2023 17:36:06 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
age
52373
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
88571
x-served-by
cache-fra-eddf8230048-FRA
server
Thumbor/6.7.0
x-timer
S1697218566.093931,VS0,VE2
etag
"bf21c70702e90a8ff45f0334d08cd83940ad2872"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Wed, 12 Oct 2033 15:03:13 GMT
6bd9932559
cdn.vox-cdn.com/thumbor/YJILT7JMPW_TUkEPXqP0pjPTC7s=/0x0:5437x3625/800x533/filters:focal(3053x1651:3054x1652)/cdn.vox-cdn.com/uploads/chorus_asset/file/18156484/
81 KB
81 KB
Image
General
Full URL
https://cdn.vox-cdn.com/thumbor/YJILT7JMPW_TUkEPXqP0pjPTC7s=/0x0:5437x3625/800x533/filters:focal(3053x1651:3054x1652)/cdn.vox-cdn.com/uploads/chorus_asset/file/18156484/6bd9932559
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
275248c198ef4965fae8d53ef1192ccfafdb32c7832295c0f8bc640f95c97501
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-cache-hits
1
date
Fri, 13 Oct 2023 17:36:06 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
age
237831
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
82915
x-served-by
cache-fra-eddf8230048-FRA
server
Thumbor/6.7.0
x-timer
S1697218566.093938,VS0,VE2
etag
"0d17bb93724d9b5eddaff5b11aeb1a097e1ef2f1"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Mon, 10 Oct 2033 11:32:14 GMT
AdobeStock_213647339.jpeg
cdn.vox-cdn.com/thumbor/PCHcCVJbtZu4UFIx7qEmh3WwtxI=/0x0:4896x3264/800x533/filters:focal(2448x1632:2449x1633)/cdn.vox-cdn.com/uploads/chorus_asset/file/24990090/
72 KB
72 KB
Image
General
Full URL
https://cdn.vox-cdn.com/thumbor/PCHcCVJbtZu4UFIx7qEmh3WwtxI=/0x0:4896x3264/800x533/filters:focal(2448x1632:2449x1633)/cdn.vox-cdn.com/uploads/chorus_asset/file/24990090/AdobeStock_213647339.jpeg
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
a2a25ae5fa2c894617f6db6715c139cb25874f61f1007a33f527001b3336473a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-cache-hits
1
date
Fri, 13 Oct 2023 17:36:06 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
age
27247
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
73399
x-served-by
cache-fra-eddf8230048-FRA
server
Thumbor/6.7.0
x-timer
S1697218566.093992,VS0,VE9
etag
"39e56164b789b9677dcc53b41b05c26ef6bba920"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Wed, 12 Oct 2033 22:01:58 GMT
en.json
cookie-cdn.cookiepro.com/consent/f7029bfa-4907-411f-b3ea-2327c44ae364/544892c6-044f-4f4a-8766-195cb9aa3648/
96 KB
17 KB
Fetch
General
Full URL
https://cookie-cdn.cookiepro.com/consent/f7029bfa-4907-411f-b3ea-2327c44ae364/544892c6-044f-4f4a-8766-195cb9aa3648/en.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c301d97194faa47a7d5d2028de360cc34b72805365a6fb789a1897b417d0d197
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Oct 2023 17:36:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
keEgoB2F60ul5851AaOYxg==
age
33221
x-ms-lease-status
unlocked
last-modified
Mon, 26 Jun 2023 19:15:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
56b72f0e-401e-00ba-5f62-a8dd33000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
815957c55a5130db-FRA
get
mv.outbrain.com/Multivac/api/
128 KB
26 KB
Script
General
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&idx=0&rand=88388&widgetJSId=AR_1&va=true&et=true&format=html&px=250&py=2824&vpd=1624&cw=770&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=1&activeTab=true&version=2010485&sig=eH1npwpt&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a6b471ceedb04f5c67ca9edcf22348aab952c42ccf73e92b72c502a488abf075

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Fri, 13 Oct 2023 17:36:06 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1697218566.077656,VS0,VE895
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga13629-LGA, cache-fra-eddf8230116-FRA
x-traceid
600266d27f7674b23a820c44ed74aa03
accept-ranges
bytes
content-length
25823
expires
Thu, 01 Jan 1970 00:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
date
Fri, 13 Oct 2023 05:03:09 GMT
x-amz-cf-pop
FRA56-P6
age
45180
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
fqJh7WUzOszsRBmet5Wt0NC_hdZz3v9iZc_enG7ItbNf6a4fHWxgUA==
ads
securepubads.g.doubleclick.net/gampad/
748 B
413 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1854051373370780&correlator=2950829798047222&eid=31078637%2C31078805&output=ldjh&gdfp_req=1&vrg=202310110101&ptt=17&impl=fifs&iu_parts=22653237939%2Cdeseret%2Cwww.deseret.com&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&didk=2715247553&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697218566076&lmt=1697211366&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&vis=1&psz=1600x3591&msz=1600x-1&fws=4&ohw=1600&ga_vid=1727420462.1697218566&ga_sid=1697218566&ga_hid=1262359330&ga_fc=false&dlt=1697218565056&idt=985&prev_scp=position%3Dwunderkind&cust_params=htlbidid%3D20646%26is_testing%3Dno%26is_home%3Dno%26category%3D23andme-hack%26post_id%3D0000018b-2085-d22d-a3cf-f69793980000%26entry_group%3Dlatest%252Cfront-page%252Cu-s-world%252Cnews-feed-national%26entry_id%3DEntry%253A6c466dad-3376-47f2-8c20-8016a9883d66%26entry_type%3Darticle%26page_type%3Dinterior_page%26hub_pages%3DU.S.%2520%2526amp%2520World%26author%3DAriel%2520Harmer%26keywords%3D23andme%2520confirms%2520hack%2520%2520heres%2520how%2520to%2520protect%2520your%2520data&adks=784395597&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
190a95290cda6d00c094d3541bce8607b96aec0743e6b5278abec6c24ad12142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
383
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
569 B
306 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1854051373370780&correlator=1309651389957154&eid=31078637%2C31078805&output=ldjh&gdfp_req=1&vrg=202310110101&ptt=17&impl=fifs&iu_parts=22653237939%2Cdeseret%2Cwww.deseret.com%2Clatest%2Cu-s-world&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ifi=2&didk=302492128&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697218566085&lmt=1697211366&adxs=0&adys=2917&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=1727420462.1697218566&ga_sid=1697218566&ga_hid=1262359330&ga_fc=false&dlt=1697218565056&idt=985&prev_scp=position%3Darticle_video_recirculation&cust_params=htlbidid%3D20646%26is_testing%3Dno%26is_home%3Dno%26category%3D23andme-hack%26post_id%3D0000018b-2085-d22d-a3cf-f69793980000%26entry_group%3Dlatest%252Cfront-page%252Cu-s-world%252Cnews-feed-national%26entry_id%3DEntry%253A6c466dad-3376-47f2-8c20-8016a9883d66%26entry_type%3Darticle%26page_type%3Dinterior_page%26hub_pages%3DU.S.%2520%2526amp%2520World%26author%3DAriel%2520Harmer%26keywords%3D23andme%2520confirms%2520hack%2520%2520heres%2520how%2520to%2520protect%2520your%2520data&adks=2503852123&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
894df790a3005f0be228f10d6750ab4dfc834802cccd548fceb4c5a7df7e2556
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
276
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b5d26ce7f654ea1b851fca63a89eb750.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F7FA
6 KB
3 KB
Document
General
Full URL
https://b5d26ce7f654ea1b851fca63a89eb750.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 17:36:06 GMT
expires
Sat, 12 Oct 2024 17:36:06 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
otFlat.json
cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/assets/otFlat.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Oct 2023 17:36:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
5mNZducabMgxSDzBo+ZI8w==
age
38279
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 01:34:23 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
b17cabec-c01e-008b-65f4-a43c20000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
815957c63b6a30db-FRA
expires
Sat, 14 Oct 2023 17:36:06 GMT
otPcCenter.json
cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/assets/v2/
61 KB
13 KB
Fetch
General
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/assets/v2/otPcCenter.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Oct 2023 17:36:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
sXFDxCJwbPEMIT/8f5Prwg==
age
33222
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 01:34:25 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
bcf8e8ab-f01e-00af-4ff4-a4ca80000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
815957c64b7330db-FRA
expires
Sat, 14 Oct 2023 17:36:06 GMT
otCommonStyles.css
cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/assets/otCommonStyles.css
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Oct 2023 17:36:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
oWkBTLgDDXvrUsd93y/Zxg==
age
36836
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 01:34:39 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
5c825d97-b01e-0028-25f4-a459e5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
815957c64b7630db-FRA
expires
Sat, 14 Oct 2023 17:36:06 GMT
30787d05-7895-471e-9cdf-d931d7b5ea5d
config.aps.amazon-adsystem.com/configs/
537 B
801 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/30787d05-7895-471e-9cdf-d931d7b5ea5d
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-30.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
a7b4051ce3c03d83059984dfd302a18b7e0bb49f3a188b6db2f5ef53b1970a5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:36:50 GMT
via
1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
3556
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
muus4irt5aSt77cmUKW3yt1ooIDHrQgcNJMw7GzlczM_bqkbY42aCQ==
config
c.amazon-adsystem.com/cdn/prod/
486 B
833 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.deseret.com&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d8234a5854ab9176a7bdc57c6dc183540c614c50dcb02296f94913e7031b0272

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 15:25:08 GMT
via
1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
7858
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.deseret.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
486
x-amz-cf-id
nmTwgdh7TKDGbcPBjrTShbu9OvcjslDmMadrHU7HjaNjcLg6lwGCLw==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
462 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&pid=GKfGVxMD7y9Sl&cb=0&ws=1600x1200&v=23.919.1525&t=2000&slots=%5B%7B%22sd%22%3A%22htlad-1-gpt%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F22653237939%2Fdeseret%2Fwww.deseret.com%2Flatest%2Fu-s-world%22%7D%2C%7B%22sd%22%3A%22htlad-3-gpt%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F22653237939%2Fdeseret%2Fwww.deseret.com%2Flatest%2Fu-s-world%22%7D%5D&schain=1.0%2C1!hashtag-labs.com%2C1000000598%2C1%2C%2C%2C&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.239.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-239-116.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:06 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P4
x-amz-rid
1XQSRQD7AB4YX452HTG6
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.deseret.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
U7AAw0wdF5yUbRTAzUOtRQXHct4TGtSwe62a7iH4dHaPdABue57qbA==
collect
www.google-analytics.com/j/
4 B
209 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1262359330&t=pageview&_s=1&dl=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&ul=en-us&de=UTF-8&dt=23andMe%20confirms%20hack%20-%20Deseret%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChACEABBAAAACAAI~&jid=2088757646&gjid=1717101854&cid=1727420462.1697218566&tid=UA-25484401-1&_gid=501574257.1697218566&_r=1&_slc=1&gtm=45He3ab0n71W9QHGH&cd1=23677136&cd2=article&cd4=Ariel%20Harmer&cd5=2023-10-11%2016%3A55&cd8=2023-10-11%2016%3A55&cd11=deseret&cd12=deseret&cd20=www.deseret.com%3Awww.deseret.com%3Alatest%3Arapid-relevance-team%3Afront-page%3Au-s-world%3Anews-feed-national&cd22=dated&cd53=385&cd55=U.S.%20%26%20World&z=367540655
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
photo-purchasing-api.deseret.com/
20 B
172 B
Fetch
General
Full URL
https://photo-purchasing-api.deseret.com/?url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack
Requested by
Host: uploads.deseret.com
URL: https://uploads.deseret.com/scripts/deseret-scripts.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
05427617998636f60e69c7335b9e62ec1e7b7942e21dd2223c92cce6b4519f43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"14-qYhogSiHKMdb+dNHLekDyWLHb3M"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.deseret.com
cf-ray
815957c6dfbf049f-FRA
content-length
20
newsletters.json
uploads.deseret.com/files/deseret-news/
23 KB
5 KB
Fetch
General
Full URL
https://uploads.deseret.com/files/deseret-news/newsletters.json
Requested by
Host: uploads.deseret.com
URL: https://uploads.deseret.com/scripts/deseret-scripts.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
998566e29ab8c76df582b811323fd5645930797a51fd6c32e0b48cd443bab086

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Sun, 01 Oct 2023 06:43:24 GMT
server
cloudflare
x-amz-request-id
835Y9QM4TXNT8DX2
etag
W/"1a397e229fe8e9d8cf508bf21a1283b4"
x-amz-server-side-encryption
AES256
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cf-ray
815957c6bf95049f-FRA
x-amz-id-2
VCTJDrx8r6jtkiy6RRnsghAuUay3HRKy9MmCFYAc7Exm1fMb5O072EyD1mgGoCCs4XeQ9H0bpX4=
ad-injection-config.json
uploads.deseret.com/files/deseret-news/
3 KB
735 B
Fetch
General
Full URL
https://uploads.deseret.com/files/deseret-news/ad-injection-config.json
Requested by
Host: uploads.deseret.com
URL: https://uploads.deseret.com/scripts/deseret-scripts.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04a2016e7259df05d8a2674b190c10dea67900a6eb0890c5dc901b56b101fd5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 24 Nov 2022 02:32:54 GMT
server
cloudflare
x-amz-request-id
835JCAG9GNTJBRCY
etag
W/"4fec2a7334cbd80587bfe920d5d2d124"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cf-ray
815957c6bf99049f-FRA
x-amz-id-2
wgWZZ3BPG1TCoMpMaDmZwrHWmUQ/QBaKdwftYj8RT/iyU9cqzeFJosOTRlRNN0UrNbCClBFpSgI=
collect
region1.google-analytics.com/g/
0
245 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YNRPD2MVFD&gtm=45je3ab0&_p=1262359330&cid=1727420462.1697218566&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1697218566&sct=1&seg=0&dl=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&dt=23andMe%20confirms%20hack%20-%20Deseret%20News&en=page_view&_fv=1&_ss=2&ep.content_id=23677136&ep.content_type=article&ep.author_name=Ariel%20Harmer&ep.published_date=2023-10-11%2016%3A55&ep.last_time_updated=2023-10-11%2016%3A55&ep.tags=www.deseret.com%3Awww.deseret.com%3Alatest%3Arapid-relevance-team%3Afront-page%3Au-s-world%3Anews-feed-national&epn.story_word_count=385&ep.hidden_tags=rapid-relevance-team&ep.hour_of_publish=16&ep.hour_of_update=16&ep.site_language=en&ep.page_theme=light&ep.author_id=0000018a-e26f-dca9-ad8a-f77f24630001&ep.acquistion_date=2023-10-13&ep.userid=8fc473d7-5fb8-40f4-8a91-6edb2f8f16e6&ep.site_version=release-2023.09.20&ep.hit_timestamp=1697218473&ep.primary_category=U.S.%20%26%20World
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YNRPD2MVFD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-e6fjgk4FzErQ3.js
rules.quantcount.com/
160 B
643 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-e6fjgk4FzErQ3.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2439d09276050789596af71728fc61f652e2c7a0d721b3d19e20b506118df1fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:20:32 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
934
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:26:39 GMT
server
AmazonS3
etag
"338d64467334d314d195404751286c4f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
JM8TZRNVMVHxj83oTA4uoLrw1yIFLCTgKniU5i-xS6Sg40DItyCC1Q==
/
p1.parsely.com/plogger/
43 B
257 B
Image
General
Full URL
https://p1.parsely.com/plogger/?rand=1697218566253&plid=8cd09adc-3124-4bcd-a489-2e682c518e1e&idsite=deseret.com&url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22parsely%3Ametadata-detection%22%3A%7B%22version%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack%22%2C%22hash%22%3A-1467421814%7D%7D&sid=1&surl=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&sref=&sts=1697218566241&slts=0&title=23andMe+confirms+hack+-+Deseret+News&date=Fri+Oct+13+2023+19%3A36%3A06+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=603a44c0-ef61-40c2-88e5-6aa6290ac43c&u=pid%3D223b8b43-e5d1-4fda-95d3-17de342732bd
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 17:36:06 GMT
Cache-Control
no-cache
Last-Modified
Friday, 13-Oct-2023 17:36:06 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
fp2.min.js
d1vg5xiq7qffdj.cloudfront.net/
29 KB
11 KB
Script
General
Full URL
https://d1vg5xiq7qffdj.cloudfront.net/fp2.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:fa00:0:6f3c:65c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 05:45:04 GMT
content-encoding
gzip
via
1.1 b23a8ff8d37f680e0dbac5e6c56145e2.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
age
215461
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
last-modified
Tue, 04 Feb 2020 16:16:08 GMT
server
Microsoft-IIS/10.0
etag
W/"014506876dbd51:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
access-control-allow-headers
Content-Type
x-amz-cf-id
Upt3L0u1SbyAmrIh-3i3WST0tL6bHd6HTUego4B3sRDPY8fLhDEgrg==
l
use.typekit.net/af/bb6c4e/00000000000000003b9b2cf8/27/
38 KB
38 KB
Font
General
Full URL
https://use.typekit.net/af/bb6c4e/00000000000000003b9b2cf8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f0b2aa044e220b8f9ec02d387f0a408309d8563232656a8700338f293598e1e0

Request headers

Referer
https://use.typekit.net/qzq4qkv.css
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:06 GMT
server
nginx
etag
"3bd094436e8172ab61cda9f0fed997dd1ff37d39"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
38868
id5-api.js
cdn.id5-sync.com/api/1.0/
138 KB
30 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8f7a67861972c13bbd67f527a121e276359e74a34d7366043870a77cd03ebc3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:06 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 10 Oct 2023 14:20:27 GMT
server
cloudflare
x-amz-request-id
T62WFB53ZFFZHCFR
age
268
etag
W/"6c1a42f0fa54a5a4ef64c2dd72fc6cd5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
815957c7ef859957-FRA
x-amz-id-2
Jr1MhCc4vixtvtFrtfnPu5suhN1N8EcI2iRcEY3SRpR8Bj5vnEPWMZfvHeFcWY38rMCD3d+xbkY=
collect
stats.g.doubleclick.net/j/
4 B
349 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-25484401-1&cid=1727420462.1697218566&jid=2088757646&gjid=1717101854&_gid=501574257.1697218566&_u=YChACEAABAAAACAAI~&z=378885401
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 13 Oct 2023 17:36:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ot_guard_logo.svg
cookie-cdn.cookiepro.com/logos/static/
497 B
474 B
Fetch
General
Full URL
https://cookie-cdn.cookiepro.com/logos/static/ot_guard_logo.svg
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Oct 2023 17:36:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
20875
x-ms-lease-status
unlocked
last-modified
Thu, 12 Oct 2023 02:48:56 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e39631d4-601e-0014-0740-fd7022000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
815957c78d2d30db-FRA
expires
Sat, 14 Oct 2023 17:36:06 GMT
Deseret_News_black__yellow_period.png
cookie-cdn.cookiepro.com/logos/8becd7f7-c923-4cd4-814a-e08c34baf60b/f30e28ec-ac7f-485d-be7f-5a500147b9c2/e624791d-5e87-4bcb-904a-8e6799b3517c/
15 KB
15 KB
Image
General
Full URL
https://cookie-cdn.cookiepro.com/logos/8becd7f7-c923-4cd4-814a-e08c34baf60b/f30e28ec-ac7f-485d-be7f-5a500147b9c2/e624791d-5e87-4bcb-904a-8e6799b3517c/Deseret_News_black__yellow_period.png
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
400364eacf69f0a75ce19dd956ae13093eae641137d6e0a076ee76a52c67eceb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Oct 2023 17:36:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
content-md5
vhY3W8TIWDCio7fmA/GntA==
age
29436
cf-polished
origSize=29642
content-length
15370
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Wed, 15 Feb 2023 16:11:09 GMT
server
cloudflare
etag
0x8DB0F6F3FFAA384
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
829eabe3-001e-0012-294b-a8439d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
815957c79bcc2be5-FRA
expires
Sat, 14 Oct 2023 17:36:06 GMT
poweredBy_cp_logo.svg
cookie-cdn.cookiepro.com/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cookie-cdn.cookiepro.com/logos/static/poweredBy_cp_logo.svg
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8df4e2508308452516a8972eb7d993d970eefeea6705487b0e100c0fa7b4b447
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Oct 2023 17:36:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
uInNdQwuuw8s7lYl3cE7eQ==
age
29487
x-ms-lease-status
unlocked
last-modified
Thu, 12 Oct 2023 02:48:56 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
777f3572-a01e-0079-5962-fdc469000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
815957c79bd12be5-FRA
expires
Sat, 14 Oct 2023 17:36:06 GMT
1860428570942209
connect.facebook.net/signals/config/
139 KB
36 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1860428570942209?v=2.9.133&r=stable&domain=www.deseret.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
244bcf9e597ee6c926ec1fa3154730bc48e546f3e61404ba2dc4b810cf057023
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 13 Oct 2023 17:36:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36784
x-xss-protection
0
pragma
public
x-fb-debug
DM1Oi3h1Z0WaR7bAGx16sEE0G1dzBqTaMbf0kSOCzyH1Fl4OaW4i3J1B6P/kctb5JCGSISnZyfaBuXfFzuofMg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
92 KB
25 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1854051373370780&correlator=3694133061511059&eid=31078637%2C31078805&output=ldjh&gdfp_req=1&vrg=202310110101&ptt=17&impl=fifs&iu_parts=22653237939%2Cdeseret%2Cwww.deseret.com%2Clatest%2Cu-s-world&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x250%2C300x250%7C300x600&ifi=3&didk=1622125026~303353385&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D73cbd3e445d0b158%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_Mby9Dz-hJe4j_LG3otyFBnGWWUQlw&gpic=UID%3D00000c9791d8bde3%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_MYcNdJCko0qIgnfIPVSyO_M5mg1Uw&abxe=1&dt=1697218566356&lmt=1697211366&adxs=315%2C1050&adys=295%2C779&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&vis=1&psz=970x0%7C300x0&msz=970x0%7C300x0&fws=4%2C4&ohw=1600%2C300&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1727420462.1697218566&ga_sid=1697218566&ga_hid=1262359330&ga_fc=true&dlt=1697218565056&idt=985&prev_scp=position%3Ddesktop_leaderboard_variable%7Cposition%3Dmedium_rectangle_variable_article%26pos%3Dright&cust_params=htlbidid%3D20646%26is_testing%3Dno%26is_home%3Dno%26category%3D23andme-hack%26post_id%3D0000018b-2085-d22d-a3cf-f69793980000%26entry_group%3Dlatest%252Cfront-page%252Cu-s-world%252Cnews-feed-national%26entry_id%3DEntry%253A6c466dad-3376-47f2-8c20-8016a9883d66%26entry_type%3Darticle%26page_type%3Dinterior_page%26hub_pages%3DU.S.%2520%2526amp%2520World%26author%3DAriel%2520Harmer%26keywords%3D23andme%2520confirms%2520hack%2520%2520heres%2520how%2520to%2520protect%2520your%2520data&adks=1603430209%2C809571872&frm=20&is_cau=%2C
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ed644fe26b67089a49ee805c2bb286deba7964dd07662dc1b57c3604c4a2efb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25338
x-xss-protection
0
google-lineitem-id
-1,6360719432
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138442268166
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.deseret.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-25484401-1&cid=1727420462.1697218566&jid=2088757646&_u=YChACEAABAAAACAAI~&z=2095787031
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-25484401-1&cid=1727420462.1697218566&jid=2088757646&_u=YChACEAABAAAACAAI~&z=2095787031
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=1786005365;source=gtm;rf=0;a=p-e6fjgk4FzErQ3;url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack;uht=2;fpan=1;fpa=P0-548091348-1697218566237;pbc=;ns=0;c...
pixel.quantserve.com/
35 B
372 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1786005365;source=gtm;rf=0;a=p-e6fjgk4FzErQ3;url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack;uht=2;fpan=1;fpa=P0-548091348-1697218566237;pbc=;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;ref=;d=deseret.com;dst=1;et=1697218566462;tzo=-120;ogl=title.23andMe%20confirms%20hack%20%E2%80%94%20here%E2%80%99s%20how%20to%20protect%20your%20data%2Curl.https%3A%2F%2Fwww%252Edeseret%252Ecom%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack%2Cimage.https%3A%2F%2Fdeseret%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F84fb537%2F2147483647%2Fstrip%2Ftrue%2Fcr%2Cimage%3Aurl.https%3A%2F%2Fdeseret%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F84fb537%2F2147483647%2Fstrip%2Ftrue%2Fcr%2Cimage%3Awidth.1461%2Cimage%3Aheight.834%2Cimage%3Atype.image%2Fjpeg%2Cimage%3Aalt.23andMe%20confirmed%20hackers%20had%20breached%20personal%20information%20from%20millions%20of%20cus%2Cdescription.Hackers%20recently%20accessed%20personal%20information%20from%20millions%20of%2023andMe%20customer%2Csite_name.Deseret%20News%2Ctype.article;ses=ac2d3cde-288d-48f3-ba3b-cec4a734a84d;mdl=
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:06 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
Screen_Shot_2022-05-23_at_3.27.16_PM.png
uploads.deseret.com/cdn-cgi/image/width=80,height=80,fit=cover,gravity=0.55x0.34/deseretnews/newsletters/21888b79af10b6c0/
6 KB
7 KB
Image
General
Full URL
https://uploads.deseret.com/cdn-cgi/image/width=80,height=80,fit=cover,gravity=0.55x0.34/deseretnews/newsletters/21888b79af10b6c0/Screen_Shot_2022-05-23_at_3.27.16_PM.png
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1971 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b53aac3689f06e7c35d632bf5b7a09ae6080eabeb695b97a6b07ae409160bbad
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:06 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
6456
cf-resized
internal=ok/h q=0 n=13+0 c=11+18 v=2023.9.8 l=6456
last-modified
Mon, 23 May 2022 21:27:39 GMT
cf-bgj
imgq:96,h2pri
server
cloudflare
etag
"cfrkdhQzEi5fHBzgDdYGDDXo4t700xPSCkiGIMFsaNDQ:8b62750fce7e97783fe06616fb8638f9"
vary
Accept, Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
815957c88af84d37-FRA
priority
u=4;i=?0,cf-chb=(37;u=2;i=?0 825;u=5;i=?0)
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1860428570942209&ev=PageView&dl=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&rl=&if=false&ts=1697218566484&sw=1600&sh=1200&v=2.9.133&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1697218566481.1957303239&cs_est=true&ler=empty&it=1697218566348&coo=false&rqm=GET
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 13 Oct 2023 17:36:06 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
api.js
challenges.cloudflare.com/turnstile/v0/g/dffb14d6/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=cf__reactTurnstileOnLoad&render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/g/dffb14d6/api.js?onload=cf__reactTurnstileOnLoad&render=explicit
33 KB
11 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/dffb14d6/api.js?onload=cf__reactTurnstileOnLoad&render=explicit
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06d063d7e58bade3ae244489087afa82f9f7c59276cdd7dcfbb2a9b5b600c5da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:06 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
815957c99f4103f0-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 13 Oct 2023 17:36:06 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/turnstile/v0/g/dffb14d6/api.js?onload=cf__reactTurnstileOnLoad&render=explicit
cache-control
max-age=300, public
cf-ray
815957c94ecf03f0-FRA
alt-svc
h3=":443"; ma=86400
1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/
68 B
460 B
Image
General
Full URL
https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=ed72d3fb7396
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.10.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 17:36:07 GMT
Last-Modified
Mon, 26 Oct 2020 16:52:19 GMT
Server
AmazonS3
x-amz-request-id
835P3517JYTK8T8M
ETag
"91e42db1c66c0b276abf6234dc50b2eb"
Content-Type
image/png
Cache-Control
no-store
Accept-Ranges
bytes
Content-Length
68
x-amz-id-2
uhnsyaIqrUR/CjYUGK88xU0LAzI+l83q9bWrwjXn0JjFrebCPFRGq9CMjmEzt/368z/SWWDIrK+OjAY+xNzTqA==
3712bf8fa5cba94da46d32bd30544ac9dd7abffce27e7
restrainstorm.com/u/3bf4efc/
288 B
315 B
Fetch
General
Full URL
https://restrainstorm.com/u/3bf4efc/3712bf8fa5cba94da46d32bd30544ac9dd7abffce27e7
Requested by
Host: restrainstorm.com
URL: https://restrainstorm.com/v2ghq4H8pSqsSE5TvCRMeg19JrcNjnOdwdTO_2xu06qvex-mky4fUPQk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7a38::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
8e8e0c76586ede73899d630f05548e7bbc2eabbf8e58e29aa057863a82fbad36
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 13 Oct 2023 17:36:06 GMT
via
1.1 google
x-buildnumber
1033761249
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.deseret.com
x-hostname
fen-hoothoot-europe-west1-spot-f2l1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 13 Oct 2023 17:36:05 GMT
c4b1e0f67a0df0b31b16d5ccd814b30b7e811a7
restrainstorm.com/b850557734dd6/
3 B
27 B
Fetch
General
Full URL
https://restrainstorm.com/b850557734dd6/c4b1e0f67a0df0b31b16d5ccd814b30b7e811a7
Requested by
Host: restrainstorm.com
URL: https://restrainstorm.com/v2ghq4H8pSqsSE5TvCRMeg19JrcNjnOdwdTO_2xu06qvex-mky4fUPQk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7a38::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 13 Oct 2023 17:36:06 GMT
via
1.1 google
x-buildnumber
1033761249
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.deseret.com
x-hostname
fen-hoothoot-europe-west1-spot-f2l1
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/gf4hm/0x4AAAAAAAA2pgcWAmjzIY_M/auto/ Frame 975F
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/gf4hm/0x4AAAAAAAA2pgcWAmjzIY_M/auto/normal
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
815957ca0c9392a2-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 17:36:06 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame CD28
79 KB
30 KB
Script
General
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 05:22:14 GMT
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
994433
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
U9aW1AHwR5K-lQITN8Yp5m_-tiwVrmo9XMPu7iJNZ8cGBTb4LTucgg==
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame 41A9
79 KB
30 KB
Script
General
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 05:22:14 GMT
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
994433
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
LA7xiezgc7bzpoDTT8Oc2kpxqCEG_K4eeNH4sGebgJ8jwgccsnLu5w==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 41A9
187 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:06 GMT
place
deseretdigital-tagan.adlightning.com/ Frame CD28
0
447 B
Ping
General
Full URL
https://deseretdigital-tagan.adlightning.com/place?p=0&d=...%2BXCIsIGZhbHNlLCB3aW5kb3csIHt9KTs8L3NjcmlwdD48L2hlYWQ%2BPC9odG1sPjwhLS0gSUZSQU1FIElOTkVSIENPTlRFTlQgLS0%2BIn0%3D&i=1-1&t=adltag_lnow43fu_mip2d2D7bE&r=4c5749116c321188191ddc48fcb49c7&c=deseretdigital&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-64.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
odvXiI1Ly1sj3Ab5_RmE7VvQnF.fsWxS
date
Fri, 13 Oct 2023 09:17:38 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
30449
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Fri, 28 Oct 2022 01:03:48 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
o5I0bLhmQL2JeSOW9NE9ITPR0ZCxGp7PikvoXfwd0J9PbVfLEPd8YQ==
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012309290141000/ Frame CD28
196 KB
56 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:48 GMT
age
260539
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56111
x-xss-protection
0
server
sffe
etag
"196a98f213e9af2a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:48 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame CD28
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:48 GMT
age
260539
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5226
x-xss-protection
0
server
sffe
etag
"b67abf1ac5d05c62"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:48 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame CD28
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:48 GMT
age
260539
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29036
x-xss-protection
0
server
sffe
etag
"f80aeafaeae93075"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:48 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame CD28
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:48 GMT
age
260539
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1915
x-xss-protection
0
server
sffe
etag
"5fa0b581892e5d76"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:48 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame CD28
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:48 GMT
age
260539
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12962
x-xss-protection
0
server
sffe
etag
"f431afcc9b21c868"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:48 GMT
css
fonts.googleapis.com/ Frame CD28
14 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 13 Oct 2023 17:36:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 16:36:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Oct 2023 17:36:07 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CD28
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 21:19:17 GMT
x-content-type-options
nosniff
server
cafe
age
73010
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Fri, 13 Oct 2023 21:19:17 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CD28
295 B
664 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 21:19:17 GMT
x-content-type-options
nosniff
server
cafe
age
73010
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 13 Oct 2023 21:19:17 GMT
l
www.google.com/ads/measurement/ Frame CD28
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR9sNFfgCeYJL3u1c6Ya6UM5X4bTNdPO-kDF3Eh-_tPm-UuaQ8izWOM6qIfRnGDet8-Vgpj
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

14763004658117789537
tpc.googlesyndication.com/simgad/4688506426672434661/ Frame CD28
25 KB
26 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/4688506426672434661/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6080ea5c513ad166157ed112627e13619dbd7f62f5d6aebcf460e9b0dd75bab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 07:32:28 GMT
x-content-type-options
nosniff
age
295419
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25804
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 19:27:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 09 Oct 2024 07:32:28 GMT
truncated
/ Frame CD28
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame CD28
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame CD28
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e21d621783fab241eb5a9bca494f1b34fadfbf897157394982d2de1175c3b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
achoice.svg
widgets.outbrain.com/images/widgetIcons/
990 B
1 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-97-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Sun, 12 Nov 2023 17:36:07 GMT
date
Fri, 13 Oct 2023 17:36:07 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
l
mcdp-nydc1.outbrain.com/
2 B
356 B
Fetch
General
Full URL
https://mcdp-nydc1.outbrain.com/l?token=40e0e7ca3ac009ce3ba615737aa55284_214965_1697218566153&tm=1192&eT=0&widgetWidth=770&widgetHeight=35&widgetX=250&widgetY=3140&wRV=2010485&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=1127&oo=true&lo=885&obreq=739&mvreq=1126&mvres=2253&cet=4g&to=1697218564833&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 17:36:07 GMT
content-encoding
br
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
3c746c57a21cfd399b7523bbc5ae916a
Content-Length
6
clip.js
widgets.outbrain.com/nanoWidget/2010485/module/
1 KB
1 KB
Script
General
Full URL
https://widgets.outbrain.com/nanoWidget/2010485/module/clip.js?e=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-97-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
afbaef38253ce5643c0a145d05469e138a7b325c12661a66e09ceeeceaaf3c9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 13 Oct 2023 17:36:07 GMT
content-encoding
gzip
content-length
709
last-modified
Wed, 11 Oct 2023 10:08:37 GMT
server
AkamaiNetStorage
etag
"4b206d0fbd326e6467647dcd9a1852e2:1697023703.582084"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 20 Oct 2023 17:36:07 GMT
l
mcdp-nydc1.outbrain.com/
2 B
356 B
Fetch
General
Full URL
https://mcdp-nydc1.outbrain.com/l?token=e7698d7a46c97c8ede2c19e734126847_214965_1697218566251&tm=1201&eT=0&widgetWidth=764&widgetHeight=273&widgetX=253&widgetY=3187&wRV=2010485&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=885&obreq=739&mvreq=1126&mvres=2262&re=2265&cet=4g&cs=5&to=1697218564833&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 17:36:07 GMT
content-encoding
br
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
e82c3d412bfe78b1c3ea3d3db9588189
Content-Length
6
obVideo.js
libs.outbrain.com/video/obVideo/current/
114 KB
32 KB
Script
General
Full URL
https://libs.outbrain.com/video/obVideo/current/obVideo.js?e=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-97-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
856d0f78b25049ba42dbf6a40e4a2078718135bac59fe9b9eb8157153a460a3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 08:54:11 GMT
server
AkamaiNetStorage
etag
"a92e39cbb76fe3d96589bdfc25b53812:1697101178.953437"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
32157
expires
Fri, 13 Oct 2023 21:36:07 GMT
l
mcdp-nydc1.outbrain.com/
2 B
356 B
Fetch
General
Full URL
https://mcdp-nydc1.outbrain.com/l?token=b86b9d74824fd47d4b73df6948e10021_214965_1697218566598&tm=1208&eT=0&widgetWidth=764&widgetHeight=273&widgetX=253&widgetY=3484&wRV=2010485&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=885&obreq=739&mvreq=1126&mvres=2262&re=2273&cet=4g&cs=5&to=1697218564833&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 17:36:07 GMT
content-encoding
br
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
374063d58ab50a0c76712c205c34b2f9
Content-Length
6
l
mcdp-nydc1.outbrain.com/
2 B
356 B
Fetch
General
Full URL
https://mcdp-nydc1.outbrain.com/l?token=fc03cc6e98821186e5edd58f547cb90f_214965_1697218566725&tm=1211&eT=0&widgetWidth=764&widgetHeight=273&widgetX=253&widgetY=3781&wRV=2010485&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=885&obreq=739&mvreq=1126&mvres=2262&re=2276&cet=4g&cs=5&to=1697218564833&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 17:36:07 GMT
content-encoding
br
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
e5bf67d70706c47cfd5e868052e75a5f
Content-Length
6
l
mcdp-nydc1.outbrain.com/
2 B
356 B
Fetch
General
Full URL
https://mcdp-nydc1.outbrain.com/l?token=c3e736cc7a01c2464d492362a7d49991_214965_1697218566787&tm=1214&eT=0&widgetWidth=764&widgetHeight=274&widgetX=253&widgetY=4078&wRV=2010485&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=885&obreq=739&mvreq=1126&mvres=2262&re=2279&cet=4g&cs=5&to=1697218564833&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 17:36:07 GMT
content-encoding
br
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
e7feece7bdc8efa7ac9df467808a4ade
Content-Length
6
l
mcdp-nydc1.outbrain.com/
2 B
356 B
Fetch
General
Full URL
https://mcdp-nydc1.outbrain.com/l?token=58a5b6035bebae1dc44750f38f876573_214965_1697218566907&tm=1216&eT=0&widgetWidth=764&widgetHeight=273&widgetX=253&widgetY=4376&wRV=2010485&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=885&obreq=739&mvreq=1126&mvres=2262&re=2281&cet=4g&cs=5&to=1697218564833&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 17:36:07 GMT
content-encoding
br
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
11d02da16c8101f2aee386b413a09550
Content-Length
6
ob_logo.svg
widgets.outbrain.com/images/widgetIcons/
7 KB
8 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo.svg
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-97-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
21a924ac651ba65e51a5c9b5ae4b51453eb9b957d5990001a85960df95603d13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Sun, 12 Nov 2023 17:36:07 GMT
date
Fri, 13 Oct 2023 17:36:07 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"b79638966e0374c455e78107aee59bf4:1673369411.171576"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
7647
access-control-request-headers
X-OB-STG,X-OB-PRD
eyJpdSI6IjNlZGIxN2Y4MGZiYzNmY2I1NDI1ZmQ2MWYxYWI5YWJhYjJhMGMxN2I4M2RkMzc4ZmE0M2M1ODBiZGY1ODg4ZGUiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/
16 KB
16 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjNlZGIxN2Y4MGZiYzNmY2I1NDI1ZmQ2MWYxYWI5YWJhYjJhMGMxN2I4M2RkMzc4ZmE0M2M1ODBiZGY1ODg4ZGUiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.233.193 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-233-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
last-modified
Mon, 04 Sep 2023 23:11:33 GMT
access-control-allow-methods
GET,POST
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=1363303
access-control-allow-credentials
false
x-traceid
75a11ec87b1920022c8f45d1bfb87608
timing-allow-origin
*, *
content-length
299765
view
securepubads.g.doubleclick.net/pcs/ Frame 41A9
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZHiWLB6z8Y0y2nXJvGjy_t6RB__OiZoxTq0J9FAEUEUAvu8XvVoVypadLHnuglHGSRxe4P7M845kAeHo83imuiMMcpPo1Azaatc6yJGkTGxhaa71Y8ECIOuxhTaG7X2fAb884A7BeEYcSdLkTw_7CDb5MEYRD4QgdpAtZls0k50FiLr47wAMl0xW5ZF0vTVY6leJYcahC1nglLTRbCKruPSKxAp_0HkXnqJ2mSGy6BCMKUn4_qj0qUHq4uKvjZ_7F0T_kU9QFmzFgRFGOZT7VsnpJWTRZo8PHYglcwTRWiQF70FPD_RZAIKAB8Hr2bUEHLz4jtS0hIk6yAF5WvvckDkkEZB48l5PwokYvftFx4zq56mrVPBD6yhD7Myuj02i3Q3BSRLbhab8Das1_pw&sai=AMfl-YQnLKBwVv-bVKd7LDgHmX7_LzAG4BYvgmmigx9JFlbjbPZNB2Kr4oQdPj0uKpOixmxN2OEI4fHrbuF8M-lEYgN1CK0wfFY1ge5q2qAfscoM4xVjaoGgTtJhobnrUQ&sig=Cg0ArKJSzC0g9DjFq9SQEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
smb-300x600.js
saambaa.com/widget/gpt/300x600/assets/ Frame 41A9
39 KB
14 KB
Script
General
Full URL
https://saambaa.com/widget/gpt/300x600/assets/smb-300x600.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
15b9ddbe2efdbe1a86c55b2db65ce90407700f206885b838d25f41886fa31acb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:02 GMT
content-encoding
gzip
last-modified
Tue, 15 Aug 2023 23:15:18 GMT
server
Microsoft-IIS/8.5
etag
"087ef5acecfd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
13672
eyJpdSI6IjNlNjI1N2FmZDg0YTNkZTQ3ZGZjMjVhZjY2MzRjZmI2YjMwMjE3MmU4ZWZjN2I5MTY0ZjFkYmRhZWNkMzBiNGIiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
4 KB
5 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjNlNjI1N2FmZDg0YTNkZTQ3ZGZjMjVhZjY2MzRjZmI2YjMwMjE3MmU4ZWZjN2I5MTY0ZjFkYmRhZWNkMzBiNGIiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.233.193 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-233-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
77ded383d58722d5f7863bfa8bb80b82d3f2618347818b4e2441c4ef667a5ea0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
last-modified
Sat, 01 Apr 2023 14:05:11 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1042686
access-control-allow-credentials
false
x-traceid
0e3eb16ce66779530b588d3445c32d0f
timing-allow-origin
*, *
content-length
4524
eyJpdSI6IjQ0Y2NjZjk4OGYyY2Y0MmMxNmVlMzAyMjdhNmI4ZmU1MjQ4ODIyYTYxZTkxMTRlMGJhMmVhZDAxZTgzOWM2MGIiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
8 KB
8 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjQ0Y2NjZjk4OGYyY2Y0MmMxNmVlMzAyMjdhNmI4ZmU1MjQ4ODIyYTYxZTkxMTRlMGJhMmVhZDAxZTgzOWM2MGIiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.233.193 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-233-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4c3c20c65b51cd9cc58291f5dbf7328710f75718504159d084a4ddee2ec06397

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
last-modified
Mon, 17 Jul 2023 15:21:19 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1938527
access-control-allow-credentials
false
x-traceid
90bd7e11b2a3a3e53e0151b5fdf05d4f
timing-allow-origin
*, *
content-length
7686
eyJpdSI6IjlhN2Q0OWNlZGEzOWViNDNhNTE2NjE4ZDc3NjYxNjNhMmRkMTMxYmFlMWJhMDY5MWE0MjYzM2YxMjVhMWJkZTIiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjaCI6MjA1OTczODQwMiwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/
9 KB
10 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjlhN2Q0OWNlZGEzOWViNDNhNTE2NjE4ZDc3NjYxNjNhMmRkMTMxYmFlMWJhMDY5MWE0MjYzM2YxMjVhMWJkZTIiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjaCI6MjA1OTczODQwMiwiY3MiOjAsImYiOjR9.webp
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.233.193 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-233-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bf4e7e425916277f16e562c63772b56fe1a426b74435a5d3bb741b24ad106743

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
last-modified
Wed, 28 Jun 2023 11:29:26 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=305927
access-control-allow-credentials
false
x-traceid
7916b1b561e95f1b13ba35f512ba402b
timing-allow-origin
*, *
content-length
9576
eyJpdSI6IjFiNzgxMDJjNWU1NWJlOTM5NmY0MDY5MGJkZGYxYTUzYzkxMDdlNDdhOTgwZjM1M2QyM2YwMTg1ZTBkNDM3NWEiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
5 KB
5 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjFiNzgxMDJjNWU1NWJlOTM5NmY0MDY5MGJkZGYxYTUzYzkxMDdlNDdhOTgwZjM1M2QyM2YwMTg1ZTBkNDM3NWEiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.233.193 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-233-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a61199617789ed140dcdb57d45a6475bb302889d53f44149ca8d85ac26d460ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
last-modified
Mon, 17 Jul 2023 15:28:23 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1502646
access-control-allow-credentials
false
x-traceid
0ca10b32230f426fca683bf50d1f02cd
timing-allow-origin
*, *
content-length
5008
eyJpdSI6IjM3ZDhhOWZiM2RkYjBjMzZkMmNmZjZjZGNjMzQ5YjdjZDQzOWZmZjA2NjRhOGNmYmNlMGI1YjczMzAwMTIwZDYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
5 KB
5 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjM3ZDhhOWZiM2RkYjBjMzZkMmNmZjZjZGNjMzQ5YjdjZDQzOWZmZjA2NjRhOGNmYmNlMGI1YjczMzAwMTIwZDYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.233.193 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-233-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
60b0455f947476006d488b97ce2e448fd69efd17371dd8a8233c31a975a9822c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
last-modified
Tue, 27 Jun 2023 10:45:59 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=987215
access-control-allow-credentials
false
x-traceid
f465ec8bb149c7e2c0f3daadc3f9f006
timing-allow-origin
*, *
content-length
4716
eyJpdSI6IjE5M2IwYjllMmRiYzEwZDc5NzA5YWNiNjk5Yjc4ZWMzYmQ0NDU0YmIyMmUxNGM2NGZiZWY2YjlkYzYwZTVmMTAiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
6 KB
6 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjE5M2IwYjllMmRiYzEwZDc5NzA5YWNiNjk5Yjc4ZWMzYmQ0NDU0YmIyMmUxNGM2NGZiZWY2YjlkYzYwZTVmMTAiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.233.193 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-233-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fc1dbbe483001a995acf7f633fd25bca5cf3b3a7e50f0de6cda33ca8c646e2c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
last-modified
Fri, 13 Oct 2023 03:14:31 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2431855
access-control-allow-credentials
false
x-traceid
ad7430b59ad8ddfe4306f76652fda932
timing-allow-origin
*, *
content-length
5754
eyJpdSI6ImNkMzA1YTBhNThmZGI3MmMyYzVjNThjZDEyOWQ4NGZkM2ZkYWUyODM3ZmNmZjVjNzhlYWQ1MWQ2Yjk3NWM1MTYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
7 KB
7 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNkMzA1YTBhNThmZGI3MmMyYzVjNThjZDEyOWQ4NGZkM2ZkYWUyODM3ZmNmZjVjNzhlYWQ1MWQ2Yjk3NWM1MTYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.233.193 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-233-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2b5c6a51068c01ae269133fb86045397fe442d91f1166ac14b9634dfc2eefa8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
last-modified
Wed, 14 Jun 2023 06:27:04 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=438043
access-control-allow-credentials
false
x-traceid
38cf5d39c35230359eba19de84811a55
timing-allow-origin
*, *
content-length
7006
eyJpdSI6IjA4Y2Q2YTE5NjEzODUxZjBmZDA3YmMzNTM4MTcxZWEyZjBlYTg1YjVhMWMyMTM2NDk1MzdkYWFmOGNkODdiZDMiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
4 KB
4 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjA4Y2Q2YTE5NjEzODUxZjBmZDA3YmMzNTM4MTcxZWEyZjBlYTg1YjVhMWMyMTM2NDk1MzdkYWFmOGNkODdiZDMiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.233.193 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-233-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
031f7ea240959f639f0d976cae7d49f87603049f0f78f1cbeb0d0233d17160d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
last-modified
Wed, 06 Sep 2023 18:50:30 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1520676
access-control-allow-credentials
false
x-traceid
544a9e11ff88ea1d4b0292ec4261e606
timing-allow-origin
*, *
content-length
4034
eyJpdSI6ImQ1M2JiYThiNTBiYTM0Y2U5MTEzMThkOTljYjE1ZjRlYzdlMzVkNDNiNjk1ZDkwNGFmM2JjMmUyNDUzNmU1Y2IiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
3 KB
3 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImQ1M2JiYThiNTBiYTM0Y2U5MTEzMThkOTljYjE1ZjRlYzdlMzVkNDNiNjk1ZDkwNGFmM2JjMmUyNDUzNmU1Y2IiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.233.193 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-233-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a719b57d2b05acf27e8943361a13f21d910e264a75ac92d961ab3c3776b15a1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
last-modified
Sat, 07 Oct 2023 15:20:30 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2462380
access-control-allow-credentials
false
x-traceid
65ff7be5d15a1f59c19f1b5296594ce8
timing-allow-origin
*, *
content-length
2886
eyJpdSI6IjQ2NGNmNTA3ZTM1NjMyMGQxMGNjNDdlZjk4NjQ2ODg5MDAwMDY1NWZmNDcwMDA0NGNlMTczOTU0YmMyMTlkNTUiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
4 KB
4 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjQ2NGNmNTA3ZTM1NjMyMGQxMGNjNDdlZjk4NjQ2ODg5MDAwMDY1NWZmNDcwMDA0NGNlMTczOTU0YmMyMTlkNTUiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.233.193 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-233-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1813e6a311f1c68866b41076b074799b6a0a131484470bb8894f7c272275528d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
last-modified
Mon, 09 Oct 2023 22:10:03 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2371134
access-control-allow-credentials
false
x-traceid
69a02cf5938f7e27b2b7385c80ccc4ca
timing-allow-origin
*, *
content-length
4064
eyJpdSI6IjI1YzBmZjYwNDk5MzgxZjM3NGNmYjA0ZTUwMDBjYmYxZDYzYjJhNmY5ZjI1OTQyYzY4M2Q5MmJhYTFlZWFiZGUiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
13 KB
13 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjI1YzBmZjYwNDk5MzgxZjM3NGNmYjA0ZTUwMDBjYmYxZDYzYjJhNmY5ZjI1OTQyYzY4M2Q5MmJhYTFlZWFiZGUiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.233.193 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-233-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ac1c2bf8dee41731b63029be85dffaf87ec58b67e41aa65f5cd2fa1802d9c069

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
last-modified
Wed, 11 Oct 2023 02:29:10 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2462400
access-control-allow-credentials
false
x-traceid
56065604acc68e4d596ce86cc8f1df90
timing-allow-origin
*, *
content-length
13350
truncated
/ Frame 41A9
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
54a2850ec267a3902a68d096b98fb0904f34b7c4c5a214434e9a5dcd8a036c72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
eyJpdSI6IjNlZGIxN2Y4MGZiYzNmY2I1NDI1ZmQ2MWYxYWI5YWJhYjJhMGMxN2I4M2RkMzc4ZmE0M2M1ODBiZGY1ODg4ZGUiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/
293 KB
293 KB
Media
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjNlZGIxN2Y4MGZiYzNmY2I1NDI1ZmQ2MWYxYWI5YWJhYjJhMGMxN2I4M2RkMzc4ZmE0M2M1ODBiZGY1ODg4ZGUiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.233.193 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-233-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e081680c6438afa7143f80f7d1b4c082607919987237186fb358a64d0aa06102

Request headers

Referer
https://www.deseret.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
last-modified
Mon, 04 Sep 2023 23:11:33 GMT
access-control-allow-methods
GET,POST
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-299764/299765
cache-control
max-age=1363303
access-control-allow-credentials
false
x-traceid
75a11ec87b1920022c8f45d1bfb87608
timing-allow-origin
*, *
Content-Length
299765
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame CD28
33 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 09:09:18 GMT
x-content-type-options
nosniff
age
289609
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Oct 2024 09:09:18 GMT
lnktrk.js
www.mirabelanalytics.com/mmwap/
67 KB
23 KB
Script
General
Full URL
https://www.mirabelanalytics.com/mmwap/lnktrk.js
Requested by
Host: d1vg5xiq7qffdj.cloudfront.net
URL: https://d1vg5xiq7qffdj.cloudfront.net/Asyncload.js?fpkey=1020232&encsid=tf8ClPr38BM,&enccid=AFPv3kNG4Ik,&wsid=NDk5&trackingUrl=2PtuCvDuCGT5LwTmxa5wjl35YCAFpwehX6VzxWewIgs,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.20.119.232 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-20-119-232.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b52608eb90130f261d38507f7445e73f9c54fde9b481d23f1987bafd1ed5090a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 17:36:07 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 Mar 2020 04:35:00 GMT
Server
nginx
ETag
W/"5e7d8274-10d63"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
JsResourse.ashx
app.mirabelsmarketingmanager.com/fpv2/fps/
52 KB
53 KB
XHR
General
Full URL
https://app.mirabelsmarketingmanager.com/fpv2/fps/JsResourse.ashx?encsid=tf8ClPr38BM,&enccid=AFPv3kNG4Ik,&fpid=afe459fd-b836-477a-a1db-4f62a9d80f60&trackingUrl=2PtuCvDuCGT5LwTmxa5wjl35YCAFpwehX6VzxWewIgs,
Requested by
Host: d1vg5xiq7qffdj.cloudfront.net
URL: https://d1vg5xiq7qffdj.cloudfront.net/Asyncload.js?fpkey=1020232&encsid=tf8ClPr38BM,&enccid=AFPv3kNG4Ik,&wsid=NDk5&trackingUrl=2PtuCvDuCGT5LwTmxa5wjl35YCAFpwehX6VzxWewIgs,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.12.68.237 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-12-68-237.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a2a9f0c65b33bea4e7d0754c65b108050d1715a518ee24f036310e5066e3d2e4

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
content-type
text/plain; charset=utf-8
cache-control
private
access-control-allow-headers
Content-Type
content-length
53608
fetchdata
api.emailsnow.info/
68 B
270 B
Image
General
Full URL
https://api.emailsnow.info/fetchdata?ref=&cid=AFPv3kNG4Ik%2C&wid=tf8ClPr38BM%2C&trackurl=2PtuCvDuCGT5LwTmxa5wjl35YCAFpwehX6VzxWewIgs%2C&uuid=38f0643e-ceb1-4cd4-9708-459a5ce8226d&msg=asyncload&pageurl=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.58.98.49 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-58-98-49.us-east-2.compute.amazonaws.com
Software
nginx/1.25.0 / Express
Resource Hash
cef4f8291e3a04c0285761f4bce1be1ba267090ce3078367eaab21653a48319b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 13 Oct 2023 17:36:07 GMT
Server
nginx/1.25.0
Connection
keep-alive
X-Powered-By
Express
Content-Length
68
Content-Type
image/png
886.3c527a2e01111f6a63b3.js
libs.outbrain.com/video/obVideo/current/
16 KB
5 KB
Script
General
Full URL
https://libs.outbrain.com/video/obVideo/current/886.3c527a2e01111f6a63b3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-97-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d67675d915bf8992833fcb48db841bfb61da2fa8acf58b56c7b9c19057baa33e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 08:54:11 GMT
server
AkamaiNetStorage
etag
"2819534712d8a1c1114a1f627ddd0045:1697101178.403084"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
5097
expires
Fri, 13 Oct 2023 21:36:07 GMT
822.6e9355ca91d9daf71242.js
libs.outbrain.com/video/obVideo/current/
158 B
456 B
Script
General
Full URL
https://libs.outbrain.com/video/obVideo/current/822.6e9355ca91d9daf71242.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-97-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
81d064926cee91fd88a624d7dea8c312dfd196dcab565b0495a08369a18cbafc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 08:54:11 GMT
server
AkamaiNetStorage
etag
"266d5b08bf7c8cf5705b7ac67022be4f:1697101177.794365"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
149
expires
Fri, 13 Oct 2023 21:36:07 GMT
334.5864f4b22ef909939290.js
libs.outbrain.com/video/obVideo/current/
12 KB
4 KB
Script
General
Full URL
https://libs.outbrain.com/video/obVideo/current/334.5864f4b22ef909939290.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-97-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a32193dd745d9d011a1f35171b04a0e0ead5565a917de70e5652836fe967833a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 08:54:11 GMT
server
AkamaiNetStorage
etag
"bebcbb59f51ff5a941e79469f033b6fc:1697101175.167295"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
3879
expires
Fri, 13 Oct 2023 21:36:07 GMT
668.aecda519113835f6f01b.js
libs.outbrain.com/video/obVideo/current/
12 KB
4 KB
Script
General
Full URL
https://libs.outbrain.com/video/obVideo/current/668.aecda519113835f6f01b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-97-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bd9c5b80c4ec81d3b3ff606460d214e452578f2ad0d97d05e84cb1778372fc1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 08:54:11 GMT
server
AkamaiNetStorage
etag
"a1a992fc13f1199e49905bbca52f0f87:1697101176.76105"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
4053
expires
Fri, 13 Oct 2023 21:36:07 GMT
vpts.js
static.vidazoo.com/basev/
42 KB
11 KB
Script
General
Full URL
https://static.vidazoo.com/basev/vpts.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b0ecd0b7c8e4db72578c8d28429bff3a47a2d8f306e3c9ecce4f34403b9ed83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
C3QQMF5FY2EN7Z84
age
42227
content-length
10884
x-amz-id-2
UFNvVQGAv8vW3PwLtu9ihWeAmGrNuFN7H/ybKaWmGbvvOKjKQkFFs4rPwKJ4UCt0YjWNTP54f2s=
last-modified
Tue, 08 Jun 2021 05:47:52 GMT
server
cloudflare
etag
"c5a750a1ed58c511f163f50523350222"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
815957cf09fc3732-FRA
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Sat, 14 Oct 2023 17:36:07 GMT
omp.min.js
libs.outbrain.com/video/outbrain-media-player/current/
15 KB
6 KB
Script
General
Full URL
https://libs.outbrain.com/video/outbrain-media-player/current/omp.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-97-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ebff6c0185f82da56ae24b05179c5c24dcc630c5002ce833e7f7f53eca8a0df8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
content-encoding
gzip
last-modified
Tue, 26 Sep 2023 12:55:43 GMT
server
AkamaiNetStorage
etag
"960e0361e29d3558ee4e141672f42b6a:1695736921.108732"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
5785
expires
Fri, 13 Oct 2023 21:36:07 GMT
aniview.js
player.aniview.com/script/6.1/
38 KB
14 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/aniview.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:38a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
fda6d31bf9df409dd091a643f742ca0e2f42e39aff9106003473239a284ef526

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduHZtV-yHJRoczlXvzhoH3xGyYBp8_pd7kuh7LaTW23-9tRzf7kqpXq-62em73Sjwm03fOfyn6_QRBJ4-bUBPpOPyc3_nDh
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
13528
last-modified
Tue, 10 Oct 2023 08:13:21 GMT
server
UploadServer
etag
"4489c739a1e3958ee9917fe3ad627ab3"
vary
Accept-Encoding
x-goog-generation
1696925601072097
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=fC4E6w==, md5=RInHOaHjlY7pkX/jrWJ6sw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
13528
accept-ranges
bytes
expires
Fri, 13 Oct 2023 17:46:07 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame CD28
0
0
Image
General
Full URL
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

omp.min.css
libs.outbrain.com/video/outbrain-media-player/current/
8 KB
2 KB
Stylesheet
General
Full URL
https://libs.outbrain.com/video/outbrain-media-player/current/omp.min.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-97-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
81ae5ae4a9ed2a0aad7d072359df89b72ab1dd3720962e7b8abbc6710ed2740c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
content-encoding
gzip
last-modified
Tue, 26 Sep 2023 12:55:43 GMT
server
AkamaiNetStorage
etag
"7a15a58cb1128e8ed7983f70d990d7b8:1695736920.937307"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
1929
expires
Fri, 13 Oct 2023 21:36:07 GMT
252.bundle.js
libs.outbrain.com/video/outbrain-media-player/current/
3 KB
1 KB
Script
General
Full URL
https://libs.outbrain.com/video/outbrain-media-player/current/252.bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-97-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9d07fb6a85f0cb749d620cbede61dad7e9965e6479036a410d8e4732707876b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
content-encoding
gzip
last-modified
Tue, 26 Sep 2023 12:55:43 GMT
server
AkamaiNetStorage
etag
"28f8d3962e5140c9636db11027d0acb5:1695736919.43776"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
1191
expires
Fri, 13 Oct 2023 21:36:07 GMT
place
deseretdigital-tagan.adlightning.com/ Frame CD28
0
445 B
Ping
General
Full URL
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-64.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
odvXiI1Ly1sj3Ab5_RmE7VvQnF.fsWxS
date
Fri, 13 Oct 2023 16:30:54 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
30449
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Fri, 28 Oct 2022 01:03:48 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
DTYxM0Vjvz-I1YboDcAKD3AmkFwVXb274MzgSVgXAoTtANKOi-aYaw==
place
deseretdigital-tagan.adlightning.com/ Frame CD28
0
445 B
Ping
General
Full URL
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-64.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
odvXiI1Ly1sj3Ab5_RmE7VvQnF.fsWxS
date
Fri, 13 Oct 2023 16:30:54 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
30449
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Fri, 28 Oct 2022 01:03:48 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
JVr9kZmiIMsQMzLpUKwDvk9id6itDY7oPCvHt-BGWZApemWRezyV1g==
place
deseretdigital-tagan.adlightning.com/ Frame CD28
0
445 B
Ping
General
Full URL
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-64.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
odvXiI1Ly1sj3Ab5_RmE7VvQnF.fsWxS
date
Fri, 13 Oct 2023 16:30:54 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
30449
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Fri, 28 Oct 2022 01:03:48 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
78YJjCh0hfgj3k2fF3ipdXC2Cb4g7Ev5pCNqFK2IDjfWIS0dy_S5Kw==
place
deseretdigital-tagan.adlightning.com/ Frame CD28
0
444 B
Ping
General
Full URL
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-64.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
odvXiI1Ly1sj3Ab5_RmE7VvQnF.fsWxS
date
Fri, 13 Oct 2023 16:30:54 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
30449
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Fri, 28 Oct 2022 01:03:48 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
_nKCR7yx06Z2-l-nzA0ayPgcsieN0vrfgvc9Drrj8xB6KqBeNoButQ==
place
deseretdigital-tagan.adlightning.com/ Frame CD28
0
445 B
Ping
General
Full URL
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-64.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
odvXiI1Ly1sj3Ab5_RmE7VvQnF.fsWxS
date
Fri, 13 Oct 2023 16:30:54 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
30449
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Fri, 28 Oct 2022 01:03:48 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
BbPqNtOQJN1AoihlDH4tkwpDtXg4d82qtqAGZIxrmEj4tWh6MMekPw==
place
deseretdigital-tagan.adlightning.com/ Frame CD28
0
446 B
Ping
General
Full URL
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-64.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
odvXiI1Ly1sj3Ab5_RmE7VvQnF.fsWxS
date
Fri, 13 Oct 2023 16:30:54 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
30449
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Fri, 28 Oct 2022 01:03:48 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
tiZZ5vFsWBIqNgrpxPYweCnQdE8LsDzPG0yV3yUNlTDMdCSABgGpYw==
place
deseretdigital-tagan.adlightning.com/ Frame CD28
0
446 B
Ping
General
Full URL
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-64.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
odvXiI1Ly1sj3Ab5_RmE7VvQnF.fsWxS
date
Fri, 13 Oct 2023 16:30:54 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
30449
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Fri, 28 Oct 2022 01:03:48 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
H2aj98G3FMluPDjLRgW4Qhim7_jc3O9rwjJEwqwdAQ5xAuZTizTnyQ==
place
deseretdigital-tagan.adlightning.com/ Frame CD28
0
445 B
Ping
General
Full URL
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-64.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
odvXiI1Ly1sj3Ab5_RmE7VvQnF.fsWxS
date
Fri, 13 Oct 2023 16:30:54 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
30449
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Fri, 28 Oct 2022 01:03:48 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
E3Jr-7e_SG9SkkNgcwUy5nUuCPOer_a-o5ktQfG1bCuwdfT7_TrvOQ==
place
deseretdigital-tagan.adlightning.com/ Frame CD28
0
446 B
Ping
General
Full URL
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-64.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
odvXiI1Ly1sj3Ab5_RmE7VvQnF.fsWxS
date
Fri, 13 Oct 2023 16:30:54 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
30449
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Fri, 28 Oct 2022 01:03:48 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
vKCnnUKtpr_RrqUPzoHebGzCMzIRW73iJGpNqkCM3Yp83yG4OMU7hQ==
place
deseretdigital-tagan.adlightning.com/ Frame CD28
0
446 B
Ping
General
Full URL
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-64.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
odvXiI1Ly1sj3Ab5_RmE7VvQnF.fsWxS
date
Fri, 13 Oct 2023 16:30:54 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
30449
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Fri, 28 Oct 2022 01:03:48 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
FZnm1v1D6gaz7nq8jatwmdxPPZzFE3IjlPFq1MbpBOyUUDWvJSnF3g==
place
deseretdigital-tagan.adlightning.com/ Frame CD28
0
444 B
Ping
General
Full URL
https://deseretdigital-tagan.adlightning.com/place?p=1&d=…&i=11-13&t=adltag_lnow43fu_mip2d2D7bE&r=3bb80a83ef65df1abe1cf6ba49e7c53&c=deseretdigital&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-64.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
odvXiI1Ly1sj3Ab5_RmE7VvQnF.fsWxS
date
Fri, 13 Oct 2023 16:30:54 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
30449
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Fri, 28 Oct 2022 01:03:48 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
WdYvjiE805bWPtS2wD9bC4raKTlJcyxUorYimjW9a30Xrrws6pD22g==
place
deseretdigital-tagan.adlightning.com/ Frame CD28
0
444 B
Ping
General
Full URL
https://deseretdigital-tagan.adlightning.com/place?p=1&d=…&i=12-13&t=adltag_lnow43fu_mip2d2D7bE&r=3bb80a83ef65df1abe1cf6ba49e7c53&c=deseretdigital&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-64.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
odvXiI1Ly1sj3Ab5_RmE7VvQnF.fsWxS
date
Fri, 13 Oct 2023 16:30:54 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
30449
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Fri, 28 Oct 2022 01:03:48 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
1ektY34GQzPTzieX8_odv64dAvhs2z_0q0MQ8SOJixRCs-1srj6eRQ==
place
deseretdigital-tagan.adlightning.com/ Frame CD28
0
446 B
Ping
General
Full URL
https://deseretdigital-tagan.adlightning.com/place?p=1&d=…&i=13-13&t=adltag_lnow43fu_mip2d2D7bE&r=3bb80a83ef65df1abe1cf6ba49e7c53&c=deseretdigital&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-64.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
odvXiI1Ly1sj3Ab5_RmE7VvQnF.fsWxS
date
Fri, 13 Oct 2023 16:30:54 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
30449
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Fri, 28 Oct 2022 01:03:48 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
O6SddpGQiF7YoXryF7lJ6uJ61T_q6YtrsZXLZz_yCPkSpTrdhFBpFg==
monitor.html
widgets.outbrain.com/widgetMonitor/ Frame 3DB6
4 KB
2 KB
Document
General
Full URL
https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-VideoWithoutLsd&env=1&message=video%20request%20for%20widget%20idx%3A101%20has%20no%20lsd%20param.%20call%20params%3A%20%7B%22fAB%22%3A%2211741-89554%22%2C%22feedIdx%22%3A%220%22%2C%22pauseOutOfView%22%3Afalse%2C%22playerLocation%22%3A%22aboveWidget%22%2C%22videoBidFloor%22%3Anull%2C%22videoHeight%22%3A429%2C%22videoWidth%22%3A764%2C%22permalink%22%3A%22https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack%22%2C%22widgetId%22%3A%22FMS_CP_1%22%2C%22originWidgetIdx%22%3A1001%2C%22rtbEnabled%22%3Atrue%2C%22fId%22%3A%22100%22%2C%22feedFatherIdx%22%3A%220%22%2C%22feedVersion%22%3A%222%22%2C%22et%22%3Atrue%2C%22extraParams%22%3A%22servePc%3Dtrue%26maxNumAds%3D3%26num%3D3%26maxNumOrganicRecs%3D0%26secondaryVideoReq%3Dtrue%26videolinearity%3D2%26plcmt%3D4%26fAB%3D11741-89554%26feedIdx%3D0%26appName%3Dfalse%26appCategory%3Dfalse%26appStoreUrl%3Dfalse%26playerLocation%3DaboveWidget%26layeredTestInfo%3D11741-89554-81574%2C12712-0-%2C12820-91493-91494%26recMode%3Dodb_video%26videoWidth%3D764%26videoHeight%3D429%26pauseOutOfView%3Dfalse%26placementType%3D4%26videoPlaybackMethod%3D2%26isRequestInView%3Dfalse%22%7D&stack=undefined&ver=2010485&ren=1&sId=9837681&dId=5362041369&pId=214965
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-97-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
1606
content-type
text/html
date
Fri, 13 Oct 2023 17:36:07 GMT
etag
"1295e69d949ede7964200763acaebc50:1679841729.42395"
expires
Fri, 20 Oct 2023 17:36:07 GMT
last-modified
Sun, 26 Mar 2023 14:35:45 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
get
mv.outbrain.com/Multivac/api/
5 KB
2 KB
Script
General
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&idx=101&rand=43826&widgetJSId=FMS_CP_1&va=true&et=true&format=vjapi&rtbEnabled=true&t=YTBiNzA4YjNkYTg0YzAyMjZkZjFkODI4ODYwMGY0ZGY=&fId=100&feedVersion=2&fAB=11741-89554&px=253&py=3186&vpd=1986&settingLevel=TEMPLATE&servePc=true&maxNumAds=3&num=3&maxNumOrganicRecs=0&secondaryVideoReq=true&videolinearity=2&plcmt=4&fAB=11741-89554&feedIdx=0&appName=false&appCategory=false&appStoreUrl=false&playerLocation=aboveWidget&layeredTestInfo=11741-89554-81574,12712-0-,12820-91493-91494&recMode=odb_video&videoWidth=764&videoHeight=429&pauseOutOfView=false&placementType=4&videoPlaybackMethod=2&isRequestInView=false&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=1&wdr-cosc=1&activeTab=true&version=2010485&sig=eH1npwpt&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0cb12c5bb5c7efb88caf291729cbb1611178111d38d48e8b63fd30ecf5e6a60d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Fri, 13 Oct 2023 17:36:07 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1697218568.528029,VS0,VE235
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/x-json; charset=UTF-8
x-served-by
cache-lga21979-LGA, cache-fra-eddf8230116-FRA
x-traceid
45d1e7813a959792af2de22b83689ed6
accept-ranges
bytes
content-length
2373
expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/
33 B
275 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
adb44b9fde5fb6026678ea4cc58f0795edc8299546aee3daf39cbb642d54d3e2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
https://www.deseret.com
date
Fri, 13 Oct 2023 17:36:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
AVmanager.js
player.aniview.com/script/6.1/ Frame 7413
449 KB
128 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:38a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
01d8c1ea393af41a8ad21a043de5cf3d4afd983e8694f42b6a30957b8ce7a0a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduAFOA8os1_j0tXp55Xe4yrSlV9VLIHibUZXALCGQ70Jv1qGafSMEROjD51uuYe_layIuGZMmxI3NYDd1lpINtEsBCpfhYe
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
130845
last-modified
Tue, 10 Oct 2023 08:13:21 GMT
server
UploadServer
etag
"21d1d4f58c45967046afb85059342532"
vary
Accept-Encoding
x-goog-generation
1696925601074323
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=uYjxeg==, md5=IdHU9YxFlnBGr7hQWTQlMg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
130845
accept-ranges
bytes
expires
Fri, 13 Oct 2023 17:46:07 GMT
report
widgetmonitor.outbrain.com/WidgetErrorMonitor/api/ Frame 3DB6
2 B
261 B
XHR
General
Full URL
https://widgetmonitor.outbrain.com/WidgetErrorMonitor/api/report?name=obm-VideoWithoutLsd&version=2010485&message=video%20request%20for%20widget%20idx%3A101%20has%20no%20lsd%20param.%20call%20params%3A%20%7B%22fAB%22%3A%2211741-89554%22%2C%22feedIdx%22%3A%220%22%2C%22pauseOutOfView%22%3Afalse%2C%22playerLocation%22%3A%22aboveWidget%22%2C%22videoBidFloor%22%3Anull%2C%22videoHeight%22%3A429%2C%22videoWidth%22%3A764%2C%22permalink%22%3A%22https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack%22%2C%22widgetId%22%3A%22FMS_CP_1%22%2C%22originWidgetIdx%22%3A1001%2C%22rtbEnabled%22%3Atrue%2C%22fId%22%3A%22100%22%2C%22feedFatherIdx%22%3A%220%22%2C%22feedVersion%22%3A%222%22%2C%22et%22%3Atrue%2C%22extraParams%22%3A%22servePc%3Dtrue%26maxNumAds%3D3%26num%3D3%26maxNumOrganicRecs%3D0%26secondaryVideoReq%3Dtrue%26videolinearity%3D2%26plcmt%3D4%26fAB%3D11741-89554%26feedIdx%3D0%26appName%3Dfalse%26appCategory%3Dfalse%26appStoreUrl%3Dfalse%26playerLocation%3DaboveWidget%26layeredTestInfo%3D11741-89554-81574%2C12712-0-%2C12820-91493-91494%26recMode%3Dodb_video%26videoWidth%3D764%26videoHeight%3D429%26pauseOutOfView%3Dfalse%26placementType%3D4%26videoPlaybackMethod%3D2%26isRequestInView%3Dfalse%22%7D&env=1&url=https%3A%2F%2Fwww.deseret.com%2F&referrer=&agent=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F118.0.5993.70%20safari%2F537.36&stack=undefined&errorEleUrl=&pId=214965&sId=9837681&dId=5362041369&ren=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-VideoWithoutLsd&env=1&message=video%20request%20for%20widget%20idx%3A101%20has%20no%20lsd%20param.%20call%20params%3A%20%7B%22fAB%22%3A%2211741-89554%22%2C%22feedIdx%22%3A%220%22%2C%22pauseOutOfView%22%3Afalse%2C%22playerLocation%22%3A%22aboveWidget%22%2C%22videoBidFloor%22%3Anull%2C%22videoHeight%22%3A429%2C%22videoWidth%22%3A764%2C%22permalink%22%3A%22https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack%22%2C%22widgetId%22%3A%22FMS_CP_1%22%2C%22originWidgetIdx%22%3A1001%2C%22rtbEnabled%22%3Atrue%2C%22fId%22%3A%22100%22%2C%22feedFatherIdx%22%3A%220%22%2C%22feedVersion%22%3A%222%22%2C%22et%22%3Atrue%2C%22extraParams%22%3A%22servePc%3Dtrue%26maxNumAds%3D3%26num%3D3%26maxNumOrganicRecs%3D0%26secondaryVideoReq%3Dtrue%26videolinearity%3D2%26plcmt%3D4%26fAB%3D11741-89554%26feedIdx%3D0%26appName%3Dfalse%26appCategory%3Dfalse%26appStoreUrl%3Dfalse%26playerLocation%3DaboveWidget%26layeredTestInfo%3D11741-89554-81574%2C12712-0-%2C12820-91493-91494%26recMode%3Dodb_video%26videoWidth%3D764%26videoHeight%3D429%26pauseOutOfView%3Dfalse%26placementType%3D4%26videoPlaybackMethod%3D2%26isRequestInView%3Dfalse%22%7D&stack=undefined&ver=2010485&ren=1&sId=9837681&dId=5362041369&pId=214965
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.223 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 13 Oct 2023 17:36:08 GMT
Connection
close
X-TraceId
c11164623f8ff21898d0fbdf27949834
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Content-Length
2
Content-Type
application/json; charset=utf-8
json
server7.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/612b515fa94087000435798d/
15 KB
9 KB
XHR
General
Full URL
https://server7.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/612b515fa94087000435798d/json
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vpts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.76.166.221 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.166.221.vultrusercontent.com
Software
/
Resource Hash
8fb2066429de2e2d83fd06c155d4eeefcc5ea88c598036995642660fe305c770

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

date
Fri, 13 Oct 2023 17:36:08 GMT
content-encoding
gzip
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.deseret.com
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
8979
json
server7.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/612b515fa94087000435798d/ Frame
0
0
Preflight
General
Full URL
https://server7.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/612b515fa94087000435798d/json
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.76.166.221 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.166.221.vultrusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.deseret.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
access-control-allow-origin
https://www.deseret.com
access-control-max-age
86400
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
content-length
0
date
Fri, 13 Oct 2023 17:36:07 GMT
v2
id5-sync.com/gm/
276 B
557 B
XHR
General
Full URL
https://id5-sync.com/gm/v2
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
fb825459ccc25cdb8e2cb75bf1e5b004cb6a68e1c937e99cf6d12b103f3526e3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
date
Fri, 13 Oct 2023 17:36:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
truncated
/
194 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23ccc2eb5ab2f26dc90911585b07893758e681dca2f83417457640c91a407fb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
573 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0213165f17c942a002a9ab00385e768717b2a9ebe889cdb37f092d3bc7715f33

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00cc63cd6ed4b645ed0a274e431628073d79150a2e0a3c20c5ab2685abc43c95

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
528 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cede6b4d3db7dfd01d7d6e9bf322105ac466e167be6ca281e9ac500b1f302194

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
224 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
306 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6621912d07a2de8622885fddfd9a6ce5f5bdb3a0923d599fa2bd70982df19029

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
325 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
398 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
/
observe.aniview.com/api/adserver/tag/
19 KB
3 KB
XHR
General
Full URL
https://observe.aniview.com/api/adserver/tag/?AV_SUBID=214965&AV_CDIM1=AR_1%23FMS_CP_1&AV_UID=e7698d7a46c97c8ede2c19e734126847&AV_CDIM2=11741-89554-81574&AV_CDIM3=9837681&AV_CDIM4=footer&AV_CDIM5=11741-89554-81574%2C12712-0-%2C12820-91493-91494&AV_SCHAIN=1.0%2C1!outbrain.com%2C006eb01469ac0b1d2f4e1b1fe182f52c8c%2C1%2C%2C%2C&AV_SECURED=1&AV_DNTCHECK=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&AV_PUBLISHERID=58a5addb28a0612d3529bc5e&AV_CHANNELID=5d99d49428a0610e142605e5&tgt=0&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.deseret.com&AV_DADPOS=3&AV_GPID=/58a5addb28a0612d3529bc5e/5d99d49428a0610e142605e5/www.deseret.com&d36=6.2.134&responsive=1&sver=4&avtoken=567730&omv=1.0.1&clsid=f6b8b384-f5be-4aa9-b592-a1c0d1f22168&rando=1&AV_WIDTH=764&AV_HEIGHT=429&AV_DNT=0&cb=1697218567732&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.139.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-139-228.compute-1.amazonaws.com
Software
/
Resource Hash
fff84600b320b191da2a4e675c12eb60aa6e00601debc8846c50b19048cf560c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:08 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.deseret.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Mon, 02 Oct 2023 03:49:28 GMT
track
track1.aniview.com/
0
98 B
Image
General
Full URL
https://track1.aniview.com/track?r=www.deseret.com&sn=214965&cd1=AR_1%23FMS_CP_1&cd2=11741-89554-81574&cd3=9837681&cd4=footer&cd5=11741-89554-81574%2C12712-0-%2C12820-91493-91494&ic=0&tgt=0&app=&wi=764&he=429&test=&d36=6.2.134&apppkg=&fv=3&proto=https&clsid=f6b8b384-f5be-4aa9-b592-a1c0d1f22168&rando=1&pid=58a5addb28a0612d3529bc5e&cid=5d99d49428a0610e142605e5&stagid=&stplid=&e=inventory&vi=0&cb=1697218567732
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.31.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-31-210.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:08 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
l
mcdp-nydc1.outbrain.com/
2 B
356 B
Fetch
General
Full URL
https://mcdp-nydc1.outbrain.com/l?token=22d3edb38e09057b5d19ce8765667785_214965_1697218567716&tm=1900&eT=0&wRV=2010485&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&umv=1&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 17:36:07 GMT
content-encoding
br
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
X-TraceId
d19bb0b5850f034aa1a1c53f248d9dd7
Content-Length
6
lnktrk.php
www.mirabelanalytics.com/mmwap/
43 B
232 B
Image
General
Full URL
https://www.mirabelanalytics.com/mmwap/lnktrk.php?action_name=23andMe%20confirms%20hack%20-%20Deseret%20News&idsite=499&rec=1&r=658383&h=19&m=36&s=7&url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&_id=898b1c58cc511b67&_idts=1697218568&_idvc=1&_idn=0&_refts=0&_viewts=1697218568&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&cvar=%7B%221%22%3A%5B%22__fp_uuid%22%2C%2238f0643e-ceb1-4cd4-9708-459a5ce8226d%22%5D%7D&_cvar=%7B%224%22%3A%5B%22ftype%22%2C%2238f0643e-ceb1-4cd4-9708-459a5ce8226d%22%5D%7D&gt_ms=59&pv_id=BU0jL7
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.20.119.232 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-20-119-232.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 17:36:07 GMT
Cache-Control
no-store
Content-Encoding
none
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
css
fonts.googleapis.com/ Frame 41A9
6 KB
779 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 13 Oct 2023 17:36:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 16:26:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Oct 2023 17:36:07 GMT
select.css
saambaa.com/widget/gpt/300x600/assets/ Frame 41A9
1006 B
730 B
Stylesheet
General
Full URL
https://saambaa.com/widget/gpt/300x600/assets/select.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f9d9c7a87c8d45bf544e7e77ebd3e5ca06c28c690e4c36bf6def49fa95326941

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:02 GMT
content-encoding
gzip
last-modified
Mon, 26 Jun 2017 22:37:38 GMT
server
Microsoft-IIS/8.5
etag
"02525d0cceed21:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
645
smb-300x600.css
saambaa.com/widget/gpt/300x600/assets/ Frame 41A9
11 KB
3 KB
Stylesheet
General
Full URL
https://saambaa.com/widget/gpt/300x600/assets/smb-300x600.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
30a13c26add0bf0be76d49333a5047057bfab31d93876edc0fa376c7ee667dd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:02 GMT
content-encoding
gzip
last-modified
Wed, 12 Jul 2023 20:12:37 GMT
server
Microsoft-IIS/8.5
etag
"8028a033fdb4d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
3003
0
api.saambaa.com/properties/widgetconfig/300x600/partner/deseret.com/platform/ Frame 41A9
4 KB
2 KB
Script
General
Full URL
https://api.saambaa.com/properties/widgetconfig/300x600/partner/deseret.com/platform/0?callback=__smbcfgldr83393
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d97734d5f3d2c873df0afef33c1c508b6e556abd114193df3419da8d53196e6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:02 GMT
content-encoding
gzip
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
content-length
1517
vary
Accept-Encoding
content-type
application/javascript
ga4mp.umd.min.js
cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ Frame 41A9
9 KB
4 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ga4mp.umd.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b647edf1597f3427578fc09d41be48660f2388e92022eb0693975efd38acda0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
20801
x-jsd-version
0.0.8
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230053-FRA, cache-yyz4545-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"231b-bu7prZXfHly9j0HIF61RLekhwNc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGy%2BLfdQ7uhoP59zNtxIeORzpMUt2J%2F2cVGGZtJGVPtyRrQHViQJ0ZIpNqerczPdC34W1VnpCYALvN9lfIZphsEr8BM%2B6oQwqpXl1Bi3wgM%2FnLG%2FSjTdOw7ITYG27NL5Q%2BYW4SsDmn6NXTHo6eQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
815957d238fd3820-FRA
saambaa_prebid.js
saambaa.com/assets/js/ Frame 41A9
354 KB
113 KB
Script
General
Full URL
https://saambaa.com/assets/js/saambaa_prebid.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c46261799db2b9293be2af0302b45e51ab5d1e383d0e7b4994432c8fe0ff3d26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:03 GMT
content-encoding
gzip
last-modified
Mon, 17 Jul 2023 22:48:25 GMT
server
Microsoft-IIS/8.5
etag
"808288cb0b9d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
115053
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 41A9
90 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
feb1694c0abb5f9927673a740d68df5c069b21bb6ed5cc17d6703bfe32949fd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29516
x-xss-protection
0
server
cafe
etag
582 / 19643 / m202310100101 / config-hash: 8825080756604653567
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:07 GMT
player.js
player.aniview.com/script/6.1/ Frame 41A9
38 KB
14 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=62979a48733ce610645c7ce5
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:38a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
fda6d31bf9df409dd091a643f742ca0e2f42e39aff9106003473239a284ef526

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:07 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtvgM1Tdg-ZiRV_siglD8EPwqJKXXFsOQOT3n2uzfqDP3xTeS8Gqv4YzwhuWgIi7INeTuXaipsCHqIs_KjffUEE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
13528
last-modified
Tue, 10 Oct 2023 08:13:21 GMT
server
UploadServer
etag
"16396b56fa3f7cf0853c8279805c81d0"
vary
Accept-Encoding
x-goog-generation
1696925601281771
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=vixRjA==, md5=FjlrVvo/fPCFPIJ5gFyB0A==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
13528
accept-ranges
bytes
expires
Fri, 13 Oct 2023 17:46:07 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/ Frame 41A9
420 KB
132 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a40e424d54800fc2704682930d3be386d0280b96a03869db6bf3894218f1eb7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 15:46:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
6583
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134722
x-xss-protection
0
server
cafe
etag
2928310903106852838
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 12 Oct 2024 15:46:25 GMT
avpb7.51.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 7413
222 KB
71 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:38a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
da113d5c8af5bc0b2ef4a2ad0f7111caf9374be70bb5ee17ea2149bb66ae6ad2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:08 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsCzhzasjFBy4EvytmZ59iXoJpexjeXXzbb8wmkxD3Zbr8mtdy5XFEmbfkpIWQnOvE_5xKmrzl_VINWdMNDJfr_7w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
72053
last-modified
Tue, 10 Oct 2023 08:13:21 GMT
server
UploadServer
etag
"ba87def0c223d2d03ab9db1c7a42d7a3"
vary
Accept-Encoding
x-goog-generation
1696925601751749
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=WtIWTQ==, md5=uofe8MIj0tA6udscekLXow==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
72053
accept-ranges
bytes
expires
Fri, 13 Oct 2023 17:46:08 GMT
avpb7.51.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame 7413
63 KB
21 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:38a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
faf6dbe465a4d62df2472ca6a0069afb413923aea09c4f2dc85093b62dbcd794

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:08 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdumT9DoUcShWgat4se3wX_ukTct0P3D3i3XJH1vvpY_UvlQVHCylCVoXgnT77imAjJUPfGtB9v67PqsdUNqdnJt0StHmEvK
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
21028
last-modified
Tue, 10 Oct 2023 08:13:21 GMT
server
UploadServer
etag
"1bd4e3362634b6599915ff9aa0913b9d"
vary
Accept-Encoding
x-goog-generation
1696925601774618
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=5KT58A==, md5=G9TjNiY0tlmZFf+aoJE7nQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
21028
accept-ranges
bytes
expires
Fri, 13 Oct 2023 17:46:08 GMT
quant.js
secure.quantserve.com/ Frame 41A9
22 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:08 GMT
content-encoding
gzip
etag
"6ioqmyHWSWLYz5hkRjy8Uw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 20 Oct 2023 17:36:08 GMT
op.js
tagan.adlightning.com/saambaa-deseret/ Frame 41A9
16 KB
7 KB
Script
General
Full URL
https://tagan.adlightning.com/saambaa-deseret/op.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5b39bb63c32dbfde2d06b20a45a58e8e0b6c261df0ecb73f4ba470d68de94fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
VKSkUPBuHAWXq4aYEmKGltG3h5lQblAC
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
date
Fri, 13 Oct 2023 17:31:59 GMT
x-amz-cf-pop
FRA60-P4
age
270
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
7079
x-amz-meta-git_commit
5f40b44
last-modified
Fri, 13 Oct 2023 00:17:19 GMT
server
AmazonS3
etag
"0836d6f94488efe006f5d22c37758845"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
accept-ranges
bytes
x-amz-cf-id
Gtm_f_VRihAvWzh4RDpRxTqfBVcIp72ruZaeRdP4fzDm3S9cB17ihg==
0
api.saambaa.com/post/storyboard/16849/market/ Frame 41A9
1 KB
813 B
XHR
General
Full URL
https://api.saambaa.com/post/storyboard/16849/market/0
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x600/assets/smb-300x600.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
139b5bbf6aaa835413c9de4f77fac25469a9ea4976e4dbda20b29bd0e63eef81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:03 GMT
content-encoding
gzip
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.deseret.com
access-control-allow-credentials
true
content-length
593
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 41A9
146 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6200089548495652
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8db99b2e6c80f100058c2316a08c01c8a1672f99008d752d58721fe379ad256e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51523
x-xss-protection
0
server
cafe
etag
739641498458244457
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:08 GMT
p-TWKb6gH_3MnFX.gif
pixel.quantserve.com/pixel/ Frame 41A9
35 B
210 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-TWKb6gH_3MnFX.gif
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 13 Oct 2023 17:36:08 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
arrow-down.png
saambaa.com/widget/gpt/300x600/assets/ Frame 41A9
162 KB
163 KB
Image
General
Full URL
https://saambaa.com/widget/gpt/300x600/assets/arrow-down.png
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
25484e65a401d988b0bee5b763ea9796c87ddc2a26a85dc2a099510e86425d6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:02 GMT
last-modified
Mon, 30 Mar 2020 21:10:54 GMT
server
Microsoft-IIS/8.5
etag
"4be8ecb2d76d61:0"
x-powered-by
ASP.NET
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
166217
loader-dots.gif
saambaa.com/widget/gpt/300x600/assets/ Frame 41A9
33 KB
33 KB
Image
General
Full URL
https://saambaa.com/widget/gpt/300x600/assets/loader-dots.gif
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
03aad58f643224f6ce0d2172cb2ed55ca8129bdab96873e2d4ed033972f0c800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:03 GMT
last-modified
Mon, 26 Jun 2017 22:37:38 GMT
server
Microsoft-IIS/8.5
etag
"02525d0cceed21:0"
x-powered-by
ASP.NET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
33406
rtd
p2.gcprivacy.com/v2/
30 B
303 B
XHR
General
Full URL
https://p2.gcprivacy.com/v2/rtd?u=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.206.138.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-138-123.compute-1.amazonaws.com
Software
/
Resource Hash
26abfb8204c59428822c022842dc713f2e4578e8301105357f903f9939e6065f

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 13 Oct 2023 17:36:08 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://www.deseret.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Max
content-length
30
collect
www.google-analytics.com/g/ Frame 41A9
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z61F9RX0DE&cid=343269919.1697218568&_npa=1&_s=1&sid=1697218568&sct=1&dl=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&dr=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&dt=&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=0&uap=&uapv=&uaw=0&seg=1&en=smb_300x600_desktop
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ga4mp.umd.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ Frame 41A9
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z61F9RX0DE&cid=343269919.1697218568&_npa=1&_s=2&sid=1697218568&sct=1&dl=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&dr=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&dt=&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=0&uap=&uapv=&uaw=0&seg=1&ep.pv_widget_type=300x600_desktop&cn=300x600_desktop&en=page_view
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ga4mp.umd.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sbt.js
static.vidazoo.com/basev/1.0.811/
652 KB
138 KB
Script
General
Full URL
https://static.vidazoo.com/basev/1.0.811/sbt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5b57158d599a1ae09543bddaf35fb04d29d3a858de1adc481cd3a8cc16bc873

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:08 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
HTWZGZN6WN06S3M7
age
15224
x-amz-server-side-encryption
AES256
content-length
140385
x-amz-id-2
lXn5X/jhSBnf2lBnNgEmAsdVbtv531VELpAzzlx5YX8XYRJC9YpMAYsuqY626ENWJghBLChddo4=
last-modified
Tue, 16 May 2023 10:04:26 GMT
server
cloudflare
etag
"e776412f27744cdaa59c65bb87e29598"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
815957d4a9803732-FRA
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Sat, 14 Oct 2023 17:36:08 GMT
truncated
/ Frame 41A9
690 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 41A9
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:12:51 GMT
x-content-type-options
nosniff
age
91397
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 16:12:51 GMT
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
474 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
571979ce45a869530d63328c83473172808f2f199e0512b2ee18771cb1e6ac58

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
474 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
6a612d520d067c43a717704dfc287f91623694cc27d4a12cec71846fbf8bbe9b

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
474 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
cd6977e5aca49e39b1507af7964356e9d97cf109d76ce1ca8a15927f0d13dbf3

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
474 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
f91a82b48d15335fee78d0936ce1168dab4950454ac80ebe1b45350cda01fc6d

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
184 B
472 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
91ea3a0d0e07ecb156216b4b957347e2339c610044e879f01e396bee6474752a

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
474 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
214fe31d76df449747aefb238a0b082f54228586e1d8e9d33704691d6c11272e

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
474 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
8a7197a88bb625067c23f57eaf2b298374f750220f17f77097cc2fbb0eab516e

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
474 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
435c47a6d90ec77ef8f9236689188ecd683bba89837aa9f91ab80644a616f466

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
474 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
f925795bfb1244369165d86dceb2e78ab0166a17c16c3f5dbdbc4ee0f1e268e0

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
Expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame CD28
42 B
404 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsueS9TpzJJIsQk_CKnm3Pd1TdBKtBgA1wTv-ohQHLWM0Ny61gOxEm3tcgevIYpQMbXsVkGx-bucL_VuXx3QWVRAwk0GVLO2zDb6gcNjyaGuO5Hmz0xBv9pOUrTw8E6x6H2xcr2znN9nCpC3cz8lMNgYnmm-o1tzZLev8E8lUlk&sai=AMfl-YRzIiQf1soUpMmraAlO-NBiJnZLarAfW2_LlqJkHKrnCmKApZYkS2y8F7YGVMVEzcwGrm3x--_q9D0JY4awlEC-CwOBX75c1jvgnNHohJ0ULTTUAsN6Fq0qpqg&sig=Cg0ArKJSzNQ7-Hf_9WsMEAE&cid=CAQSOwDICaaN6vSVa5ND5ml-yeulgau_LYC7-8cnNgS9tcrVAcj06UfGaAhlJ76UxNTQ82GFaFYM-wdgrQ-8GAE&id=ampim&o=315,170&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1029&mtos=0,0,0,1029,1029&tos=0,0,0,1029,0&tfs=642&tls=1671&g=100&h=100&tt=1671&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b-5f40b44-9f6c1b2b.js
tagan.adlightning.com/saambaa-deseret/ Frame 41A9
80 KB
30 KB
Script
General
Full URL
https://tagan.adlightning.com/saambaa-deseret/b-5f40b44-9f6c1b2b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6611a010c1c02623f19baee463ab2bd5d3ca94f8a6cd0219b243212fd1751423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 18:10:55 GMT
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-version-id
fP8PuZH8BatVq5HXfIsv4.6uZaG8ahhC
x-amz-cf-pop
FRA60-P4
age
1466713
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30497
x-amz-meta-git_commit
5f40b44
last-modified
Tue, 26 Sep 2023 18:10:17 GMT
server
AmazonS3
etag
"ee93a36c1860a5bf0ba3dd2972e0f548"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
tRYOiS3LyYWk2DdObpHc-fQ-IQHT1YLDGjTOQM91BB614X3-FfWNxg==
bl-34df212-a8532ec7.js
tagan.adlightning.com/saambaa-deseret/ Frame 41A9
80 KB
33 KB
Script
General
Full URL
https://tagan.adlightning.com/saambaa-deseret/bl-34df212-a8532ec7.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e945d7b21fc77deb7da23640943534347a8810a109e8f1eaae5318b56956c0e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 00:37:46 GMT
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-version-id
fGzrPI6G6fMZOHMGWnURfiS1HY.chrIi
x-amz-cf-pop
FRA60-P4
age
61103
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33404
x-amz-meta-git_commit
34df212
last-modified
Fri, 13 Oct 2023 00:17:05 GMT
server
AmazonS3
etag
"30fcc4ecbbce24e5c82496832676f14f"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ZxQ8dec9Y6fpgUL1qgEYOgbKXMSvsoEblPdD9zZh1z1M11zvecjp6w==
rules-p-TWKb6gH_3MnFX.js
rules.quantcount.com/ Frame 41A9
160 B
631 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-TWKb6gH_3MnFX.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6276bdfd4e4844bffab5fc63afcbf296b5ab01ffab5ec61c7c513ba41089d09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:39:46 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
3383
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:10:08 GMT
server
AmazonS3
etag
"60b74b47b16486dd7914c1bc3fe2b29f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
uim284wrCb0fXc4MbKOfx6kYpOk8bWs_Z-JaSc-3QlfuAEnqIBalNw==
pixel;r=1156453765;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack;ref=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F2...
pixel.quantserve.com/ Frame 41A9
35 B
210 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1156453765;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack;ref=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack;uht=2;fpan=0;fpa=P0-548091348-1697218566237;pbc=;ns=1;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;d=deseret.com;dst=1;et=1697218568506;tzo=-120;ogl=;ses=ac2d3cde-288d-48f3-ba3b-cec4a734a84d;mdl=
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 13 Oct 2023 17:36:08 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
outbrain.js
static.vidazoo.com/basev/skins/outbrain/
71 KB
20 KB
Script
General
Full URL
https://static.vidazoo.com/basev/skins/outbrain/outbrain.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f006dec88c65732acad8ea71a9bcc6be450a360567eccc8174da37df54c6038

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:08 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
6Y8MPTDVCXR23JGX
age
40004
content-length
19996
x-amz-id-2
ZjvB2yf7B7vBjXdZIyX4L0h9OcdWfyFE+/ItzFfXapMrA5MTBhMsCnVB0rDbUJUjMJE4Wlu0zDg=
last-modified
Mon, 06 Apr 2020 12:23:25 GMT
server
cloudflare
etag
"27c03d08ed4bfb0b9084b79ce358e325"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
815957d59aa63732-FRA
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Sat, 14 Oct 2023 17:36:08 GMT
blank.mp4
static.vidazoo.com/basev/
891 B
1 KB
Media
General
Full URL
https://static.vidazoo.com/basev/blank.mp4
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c957adaf4326a8636ad68fc78acb194b96b34bbeba09daf6b36c74975ac37d21

Request headers

Referer
https://www.deseret.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 13 Oct 2023 17:36:08 GMT
cf-cache-status
HIT
x-amz-request-id
GBRATFDKPPPX6NP7
age
43728
Content-Range
bytes 0-890/891
Content-Length
891
x-amz-id-2
f2+C1F2B/+ZcpIOAgwi4MRbq5AQkt1+iE1JmVteMD1xQW6KEGPxxiBnro5maThMnaL4+gAPvg9k=
last-modified
Mon, 06 Apr 2020 12:07:11 GMT
server
cloudflare
etag
"86ec3fbb73842f6c776555cfb7f1950d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
public, max-age=86400
cf-ray
815957d59ab43732-FRA
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Sat, 14 Oct 2023 17:36:08 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310090101/ Frame 41A9
393 KB
134 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6200089548495652&plah=www.deseret.com&bust=31078721
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcd4d587e418caff76ea830a86518a59bedea7425faa80f0279db95a890d3ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136569
x-xss-protection
0
server
cafe
etag
1952986845541566027
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:08 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame B51C
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup_fy2021.html?hello=world
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
acefc092ffa6df74a87ef66c614fe3552153903ea3f4da381086eb63d1b8525e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22388
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4090
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 11:23:00 GMT
etag
6119613530591461916
expires
Fri, 27 Oct 2023 11:23:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
5bce1044a94d4200045740ed.jpg
inventory.vidazoo.com/5a9ea5a0225f7d0004c70045/5bce1044a94d4200045740ed/
677 B
950 B
Image
General
Full URL
https://inventory.vidazoo.com/5a9ea5a0225f7d0004c70045/5bce1044a94d4200045740ed/5bce1044a94d4200045740ed.jpg
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e724533992b3c0cf17c8ec16eb7e6edad2dafb80b1a563b84b663b11841c1f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:08 GMT
cf-cache-status
HIT
x-amz-request-id
HT0VX3WHC383S654
age
42166
content-length
677
x-amz-id-2
CQdUl/XcS2kOO8lRk4MDFs3a7dyskvAkbb7kUSgHsgXdlmH+YiuzmDkkP/7A3WFkTPNGmnKt5aw=
cf-bgj
h2pri
last-modified
Mon, 22 Oct 2018 18:01:45 GMT
server
cloudflare
etag
"78252c61eb4971238aab053f7a617825"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
815957d66b933732-FRA
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Sat, 12 Oct 2024 17:36:08 GMT
truncated
/
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e38335b8da3a11b4a278e7572f99a3990da81b9764b7526bd7b69ec0c6a57c84

Request headers

Referer
Origin
https://www.deseret.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
aggregate
bis3.vidazoo.com/
0
183 B
XHR
General
Full URL
https://bis3.vidazoo.com/aggregate?_=1697218568690
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.811/sbt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2604:a880:400:d0::24b9:9001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 13 Oct 2023 17:36:08 GMT
content-type
text/plain
access-control-allow-headers
*
content-length
0
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cookie.js
partner.googleadservices.com/gampad/ Frame 41A9
215 B
552 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.deseret.com&callback=_gfp_s_&client=ca-pub-6200089548495652&cookie=ID%3D73cbd3e445d0b158%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_Mby9Dz-hJe4j_LG3otyFBnGWWUQlw&gpic=UID%3D00000c9791d8bde3%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_MYcNdJCko0qIgnfIPVSyO_M5mg1Uw
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
730e89663442ba2e45c35d164363880dd0e8aaf6c57a66d9815a07c03d70c182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3AF6
21 KB
1 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6200089548495652&output=html&adk=1812271804&adf=3279755401&lmt=1697211368&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697218568635&bpp=4&bdt=1719&idt=266&shv=r20231011&mjsv=m202310090101&ptt=9&saldr=aa&cookie=ID%3D73cbd3e445d0b158%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_Mby9Dz-hJe4j_LG3otyFBnGWWUQlw&gpic=UID%3D00000c9791d8bde3%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_MYcNdJCko0qIgnfIPVSyO_M5mg1Uw&nras=1&correlator=1464624138789&frm=23&ife=4&pv=2&ga_vid=1727420462.1697218566&ga_sid=1697218569&ga_hid=1835518903&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=600&ifk=3871577901&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078020%2C31078363%2C44804684%2C44805099%2C44805680%2C31078721%2C44800659&oid=2&pvsid=3190151112419911&tmod=2095976512&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.7u4mwxy8xjfp&fsb=1&dtd=289
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
555ae896b80477294527d69404c61a8912c0aae31a19419463ed920819eeb30b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
1462
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 17:36:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 41A9
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=onetrust-banner-sdk&cls=otFlat%20bottom%20vertical-align-content&ign=false&pw=1600&ph=1200&x=0&y=1130.4
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
blank.png
saambaa.com/assets/image/ Frame 41A9
68 B
151 B
Image
General
Full URL
https://saambaa.com/assets/image/blank.png
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:03 GMT
last-modified
Wed, 14 Feb 2018 23:02:54 GMT
server
Microsoft-IIS/8.5
etag
"cebd78f2e7a5d31:0"
x-powered-by
ASP.NET
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
68
300x250_oahu_v3.png
saambaa-static.azureedge.net/sidestage/ Frame 41A9
24 KB
24 KB
Image
General
Full URL
https://saambaa-static.azureedge.net/sidestage/300x250_oahu_v3.png
Requested by
Host: www.deseret.com
URL: https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CB8) /
Resource Hash
6d5bea8e0cdd9848eedee10232ad1498f8027e66a5d9ccee1d052622247ada7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 13 Oct 2023 17:36:09 GMT
last-modified
Thu, 27 Jan 2022 00:46:57 GMT
server
ECAcc (frc/4CB8)
content-md5
6Urn8SrRgO3o0cSRdd+hrw==
age
6559
etag
0x8D9E12E85A19017
x-cache
HIT
content-type
image/png
x-ms-request-id
86ef16bf-901e-0024-78ec-fd744c000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
24705
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
474 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
01f9b47d4879fdffe32f19bcda4cd032ab6b78224c4d2553f085b75ce3e6879d

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
474 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
3d4c80b6c1909de5da3cfb2cac11efc04e9f827d28f2bf1883587f38a427b6eb

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
184 B
471 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
8cca641b3e0783f28bb481b18d44832b08ff541dd972c46152c20871bb8c4350

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
474 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
d7335dd68f7773410dd6828262b0521f37027b5f5715a946b45af304522fa5ba

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
474 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
096542f95927aaec7e1e25b4955063a210aba0ae1f4f486056ef0d54c9e8b8d4

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 41A9
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJjnVuzRHPlX2abbFktHuw_5Mnr9rhIPVcB3sHtS-h4jzvrXMLog44vugpopu4d1jiHDiJJxgMtnuvlk_CbqEuTKDE0JvDjdlQ-gveSQCUndPMbRaqTY1oY1y_gYjMfsNCCr5bRwEzwmA_VNHWP4p6FtIXWuvbsowI1RfWij_4OD5MaLCUhOZyk6N2eEpbtU1hxq67RPoazhfRmE-d9ONLrm1DKVu_YqG5aRPQSnOKkSgdCQX02iVj1RYJ7tDahgq8OPy4WEZ1ycbutiJMYplu49jc1KWLmu6lsJ13gIdRmD40GkJIZ0Z9MrMSReElyFrbzC8_TMcWi8RBUlqqfC2Tivgxx-tfU-2l8soMp_5-NJ9_ufXsEz6AY3DpDKcRqiwNCDIMKfRam5xOUTGtpdyg&sai=AMfl-YSCaHrgeCuwXeLEK2VUfHF5v-7VFoDo-6kvhsUOIXiBgPvx62ujV2Fg1M3vmqoZgpkWGAXU7m8WD9YMdpgkD85tAR9C4gDm1YC3bkFeQ5mLJ1ywFbMOi3CrI9ycXA&sig=Cg0ArKJSzH5IBRu-iBtEEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 13 Oct 2023 17:36:09 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 41A9
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6200089548495652&plah=www.deseret.com&bust=31078721
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1388767458a4e27846d223fcfae5879b7b26f6a82470d411002f4924be117aa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12315
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310110101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
edbb070af2aa200f8cf7268f15cd3ba1742d96020238a3b40df4659c00d0e8ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12069
x-xss-protection
0
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/16033947/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
383 B
Script
General
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-41.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:46:05 GMT
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 14:48:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
50444
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
0
x-amz-cf-id
I48tJKs-JXqOiWu4IfpTfBA6z1Wk4hJud5uWpocCIrmOy5u8G7Rpnw==

Redirect headers

date
Fri, 13 Oct 2023 17:36:09 GMT
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
TC-qpOf9flcLksIg1JCvpr4Vae1OWbODIRAUdBN9mDW1oSFjERYY7w==
up
insight.adsrvr.org/track/ Frame AE4F
0
60 B
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=63l7ij2&ref=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&upid=5v8nc1s&upv=1.1.0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html
date
Fri, 13 Oct 2023 17:36:09 GMT
server
Kestrel
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 41A9
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 13 Oct 2023 17:36:09 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 13 Oct 2023 17:36:09 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5738
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
946
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 17:20:23 GMT
expires
Sat, 12 Oct 2024 17:20:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F9DD
829 B
558 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1fbf7c0cf32ea29a10bdc2998fa5d50d6ca11710ecff96290b5fe27bd0282a4d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eTv2WOOqd-z5rzsr5S4nyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-eTv2WOOqd-z5rzsr5S4nyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 17:36:09 GMT
expires
Fri, 13 Oct 2023 17:36:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1F0E
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
946
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 17:20:23 GMT
expires
Sat, 12 Oct 2024 17:20:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E507
829 B
559 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a322b2e4838be6ff0ffbb5dc9a1cbdce30b34bd1a045c19040a259d21526d7cf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IJq_tGOzivgPlEthxohRnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-IJq_tGOzivgPlEthxohRnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 17:36:09 GMT
expires
Fri, 13 Oct 2023 17:36:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.deseret.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.deseret.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 13 Oct 2023 17:36:09 GMT
trinity.json
apex.go.sonobi.com/ Frame 41A9
728 B
1 KB
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22253a56ce92eda5%22%3A%22740fb425cd9d318aa0a3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x600_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&s=66075052-f590-4bc9-b262-eeef75805fd1&pv=282796d2-3362-458f-9417-f43fae56b9d2&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22deseret.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22deseret.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.70%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b630fe59-19be-4bfd-b089-389bb113a646%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
6edcbf70a97b56157ea94db6487260b8c7ba8cee439653f3097aa61007c05e0e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:09 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-26
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
441
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 41A9
24 B
402 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.14.14 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
14.14.251.63.unassigned.ord.singlehop.net
Software
/
Resource Hash
7aad9c637b0769b634613c0a18b65df88e4f2e43b3153a424a5dbdbf6fd7fb0c

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 13 Oct 2023 17:36:10 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.deseret.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
pbjs
htlb.casalemedia.com/openrtb/ Frame 41A9
35 B
552 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692502
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b420c37b65da2d8be2c2e2f7f6785796ade1b4e65c291760c9f98b9e8eb85c4e

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tV5l2tEbx%2BLU59ZPPiMdvQDX1Z9ss7W5F6zvBPm8FI2O03ngUYtt9N4B4gRO%2BCjIa%2FG0krfNi2av4F5myuB%2B%2BK5puyFdv%2F%2BMJLsWNfC9n0%2F5KeBoXQPBbfns095Qiw86iplq%2FXTY"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
815957dc7f303aa3-FRA
alt-svc
h3=":443"; ma=86400
content-length
35
expires
0
c
prebid.a-mo.net/a/ Frame 41A9
0
277 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
date
Fri, 13 Oct 2023 17:36:09 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
19
server
envoy
vary
origin, Accept-Encoding
prebid
ads.yieldmo.com/exchange/ Frame 41A9
0
225 B
XHR
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x600x1-0%22%2C%22callback_id%22%3A%22109bde618a6cd94%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694023353507843%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x600_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&bust=1697218569568&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=23andMe%20confirms%20hack%20-%20Deseret%20News&w=1600&h=1200&pubcid=b630fe59-19be-4bfd-b089-389bb113a646&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b630fe59-19be-4bfd-b089-389bb113a646%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.102.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-102-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
pragma
no-cache
date
Fri, 13 Oct 2023 17:36:09 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 41A9
396 B
732 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409996&zone_id=2299322&size_id=15&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=b630fe59-19be-4bfd-b089-389bb113a646%5E1&rf=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&tg_i.domain=deseret.com&tg_i.page=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&tg_i.pbadslot=%2F65889844%2Fron01_300x600_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=12e6956fb2b9d91&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x600_desktop&slots=1&rand=0.8856256725981393
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5c962cc96d5b42fc0aabc4cbfa508287c954e9022c833fcc0267c6ebd5d79775

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
396
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 41A9
0
113 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
date
Fri, 13 Oct 2023 17:36:08 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame 41A9
0
163 B
XHR
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.deseret.com
pragma
no-cache
date
Fri, 13 Oct 2023 17:36:09 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 41A9
396 B
908 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=476778&zone_id=2832546&size_id=15&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=b630fe59-19be-4bfd-b089-389bb113a646%5E1&rf=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&tg_i.domain=deseret.com&tg_i.page=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&tg_i.pbadslot=%2F65889844%2Fron01_300x600_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=184b8f72f1097df&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x600_desktop&slots=1&rand=0.9368180327494715
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c73de01e6d4ed07a7900cf82bada4d8db6590f3484ad0558f0e511293fe1e04f

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
396
expires
Wed, 17 Sep 1975 21:32:10 GMT
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame 5738
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:02:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
2008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Oct 2024 17:02:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F9DD
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=3190151112419911&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame 1F0E
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:02:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
2008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Oct 2024 17:02:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E507
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310110101&jk=1854051373370780&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 5738
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?0VaMgA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 1F0E
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?jegpMw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 41A9
27 KB
11 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3190151112419911&correlator=3378757786963467&eid=31078820&output=ldjh&gdfp_req=1&vrg=202310100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x600_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&didk=4289700379&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D73cbd3e445d0b158-22ad1e73d6e7006f%3AT%3D1697218566%3ART%3D1697218569%3AS%3DALNI_MbmmAvVybUAJTPLvS0nsd_wFab16A&gpic=UID%3D00000c9791d8bde3%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_MYcNdJCko0qIgnfIPVSyO_M5mg1Uw&abxe=1&dt=1697218570212&lmt=1697211370&adxs=1050&adys=779&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=9rljfqha5mp8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&ref=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&top=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&vis=1&psz=300x0&msz=300x250&fws=256&ohw=0&ea=0&ga_vid=1727420462.1697218566&ga_sid=1697218569&ga_hid=1835518903&ga_fc=true&dlt=1697218566916&idt=1281&adks=1191632890&frm=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecce87f08a1ca006715522db52028d1d1289b3a8dd52212a2dbf9321d60d8bff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11726
x-xss-protection
0
google-lineitem-id
6101519259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403346178
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
43a6e9a6f3365f4999b2b8b347c006e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A786
6 KB
3 KB
Document
General
Full URL
https://43a6e9a6f3365f4999b2b8b347c006e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 17:36:10 GMT
expires
Sat, 12 Oct 2024 17:36:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 41A9
0
0
Image
General
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

prebid
ads.yieldmo.com/exchange/ Frame 41A9
0
224 B
XHR
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x600x1-1%22%2C%22callback_id%22%3A%22219b15bc0cac64a%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694023353507843%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x600b_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&bust=1697218570354&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=23andMe%20confirms%20hack%20-%20Deseret%20News&w=1600&h=1200&pubcid=b630fe59-19be-4bfd-b089-389bb113a646&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b630fe59-19be-4bfd-b089-389bb113a646%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.102.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-102-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
pragma
no-cache
date
Fri, 13 Oct 2023 17:36:10 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
trinity.json
apex.go.sonobi.com/ Frame 41A9
729 B
976 B
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2223ffbc6fc8c8496%22%3A%22740fb425cd9d318aa0a3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x600b_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&s=d7b540f2-d431-4932-bce3-8ac5629f00e9&pv=282796d2-3362-458f-9417-f43fae56b9d2&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22deseret.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22deseret.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.70%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b630fe59-19be-4bfd-b089-389bb113a646%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
699a545f6ead1d6c863f04abf61eaabb08ab61a5abbc5ad23bdc5981e7debc0d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:10 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-26
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
442
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 41A9
397 B
431 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409996&zone_id=2299322&size_id=15&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=b630fe59-19be-4bfd-b089-389bb113a646%5E1&rf=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&tg_i.domain=deseret.com&tg_i.page=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&tg_i.pbadslot=%2F65889844%2Fron01_300x600b_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=25fc4b7b4eeb2ab&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x600b_desktop&slots=1&rand=0.7839055640235704
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0de2a17a5a0a4bf599664bfb9a7d9ebe73601c8c764ab31adac0d29481023e90

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:10 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
397
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 41A9
37 B
338 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692502
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
273c3c5085650057714c34b66554ceab0ff22c25b9a26a6fd68d818b52a49ecb

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4mlZSdJe4CF%2FxGFBEq%2F0aTat7D3XkP%2FP5UuYn8Z7aGwNlPCpkoiLvcMxe%2BNyXWOmvbAmVdYs9oNHOvYM8rIlvl5gS19hDrGtpXPnwomaj7OgGqmk0LO52Nl%2FOvqiS2WRs6OqDEV"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
815957e0ecce3aa3-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
bid
ap.lijit.com/rtb/ Frame 41A9
24 B
402 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.14.14 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
14.14.251.63.unassigned.ord.singlehop.net
Software
/
Resource Hash
54391dca8ba2ac6de4d2dfe0a309423f6a8c74060ea48308fd5147ed95e31eeb

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 13 Oct 2023 17:36:10 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.deseret.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
unruly_prebid
targeting.unrulymedia.com/ Frame 41A9
0
162 B
XHR
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.deseret.com
pragma
no-cache
date
Fri, 13 Oct 2023 17:36:10 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 41A9
0
57 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
date
Fri, 13 Oct 2023 17:36:10 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 41A9
397 B
454 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=476778&zone_id=2832546&size_id=15&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=b630fe59-19be-4bfd-b089-389bb113a646%5E1&rf=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&tg_i.domain=deseret.com&tg_i.page=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&tg_i.pbadslot=%2F65889844%2Fron01_300x600b_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=35a1158dfbd43cb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x600b_desktop&slots=1&rand=0.32752383768807647
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
eee37e184ad644e9256ad8c8854238153498a9fd83dc8898f55cc49c536f2cca

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:10 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
397
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ Frame 41A9
0
157 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
date
Fri, 13 Oct 2023 17:36:10 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
37
server
envoy
vary
origin, Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 41A9
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst53Xcc7RW76I7iT9ZyP-namlf424rGaPI-4YCv3XSG0uwzoSW-KI-HD-Jb9hYOvreL0qKYAOAj5pLhJgyl25qFElk6fF0qUG95xspI4VNZte5HG-0IXYAmzrF3GIOJitpdQNqL236FBQ&sig=Cg0ArKJSzLPevpwnf4SBEAE&id=lidar2&mcvt=1015&p=778,1050,1378,1350&mtos=0,0,1015,1015,1015&tos=0,0,1015,0,0&v=20231011&bin=7&avms=nio&bs=1600,1200&mc=0.7&vu=1&app=0&itpl=19&adk=809571872&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697218566916&rpt=2422&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.deseret.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.deseret.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 13 Oct 2023 17:36:10 GMT
bl-34df212-55348960.js
tagan.adlightning.com/deseretdigital/ Frame 7A69
58 KB
25 KB
Script
General
Full URL
https://tagan.adlightning.com/deseretdigital/bl-34df212-55348960.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7612bf30899c897f5dd4739769176e9ee77212be2f6c8c0dd3f91d97ca797197

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 00:22:46 GMT
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-version-id
5i.RvlsKGMbN9HpLe1Gw054ImJsyVWlI
x-amz-cf-pop
FRA60-P4
age
62005
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24640
x-amz-meta-git_commit
34df212
last-modified
Fri, 13 Oct 2023 00:17:10 GMT
server
AmazonS3
etag
"489748cf984112c1ef086729f57451e7"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
XHBLT2VUJg4SGX-0XCKjG2FK6gGaIQoj-FGo7HSpghvjp61jle0rfg==
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame 7A69
79 KB
30 KB
Script
General
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 05:22:14 GMT
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
994437
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
okJgif-HHvlnOtvlVB_gD0xJtNxlzRZGrM2QE-0CmQFqKLWY4TkhHw==
b-5f40b44-9f6c1b2b.js
tagan.adlightning.com/saambaa-deseret/ Frame 7A69
80 KB
30 KB
Script
General
Full URL
https://tagan.adlightning.com/saambaa-deseret/b-5f40b44-9f6c1b2b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6611a010c1c02623f19baee463ab2bd5d3ca94f8a6cd0219b243212fd1751423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 18:10:55 GMT
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-version-id
fP8PuZH8BatVq5HXfIsv4.6uZaG8ahhC
x-amz-cf-pop
FRA60-P4
age
1466715
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30497
x-amz-meta-git_commit
5f40b44
last-modified
Tue, 26 Sep 2023 18:10:17 GMT
server
AmazonS3
etag
"ee93a36c1860a5bf0ba3dd2972e0f548"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
3F9O6v0k7fDAJv-sQKSE_yBi01f_Y-Lo8UxmsI5kqsvwTdYrY20dZA==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 7A69
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5235b92a2857b5a12e509e2b0a87af627e078d49106424fa6c9dab003ab2e0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9566
x-xss-protection
0
server
cafe
etag
1506120072837045943
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7A69
187 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:10 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 41A9
27 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3190151112419911&correlator=222123073229791&eid=31078820&output=ldjh&gdfp_req=1&vrg=202310100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x600b_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&didk=4289700378&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D73cbd3e445d0b158-22ad1e73d6e7006f%3AT%3D1697218566%3ART%3D1697218569%3AS%3DALNI_MbmmAvVybUAJTPLvS0nsd_wFab16A&gpic=UID%3D00000c9791d8bde3%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_MYcNdJCko0qIgnfIPVSyO_M5mg1Uw&abxe=1&dt=1697218570671&lmt=1697211370&adxs=1050&adys=779&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=6zo32a182g9z&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&ref=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&top=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&vis=1&psz=300x0&msz=300x250&fws=256&ohw=0&ea=0&psts=AOrYGsm24b8W4U0wJoLc7_l7Pe301v0DZohMT9McMrxdCNk9B7VKxs_BpYaoBV9ERSy_4BkDKXsajQ94uu6TSrHHvm-d4P1-&ga_vid=1727420462.1697218566&ga_sid=1697218569&ga_hid=1835518903&ga_fc=true&dlt=1697218566916&idt=1281&adks=1981094264&frm=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff5e170348d6d912c979cfe36fd42ec482c81aad08987d4e8f582fb00acd6957
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11815
x-xss-protection
0
google-lineitem-id
6101519259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403346214
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7A69
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBrO-pl5sCge6ZZPHdCKh6BtLajbL3KxWyfTS0qv__58b6PpQCC3mKmuoo_HSH-mLnpajbw8KNmn3OKW9xDYfkHb85YasT7U_SklY3Kxe8Xw-NuD2ZFJ3lqyXN-n8KMqcXniJTLvACND2kMwd6gMpxSOPyw5LxLb_sOEANgmrcO3lzZaJWClhNX0FUIa9qS8ik_o2GV_x1pcm1TVYvD709Rg0HGlP4TruX61UWxmr-3ylKH0PhnVw2RB-r3FOykz6nePP-ynie5TFZpEz--vYprY-4z0sEI47xyZIKiq_BCImhOkS3FnmNoi4JXJvmyL7vWRL_6_kszXBXd_bWYQ&sai=AMfl-YQquMBwbssDeyC17zQYJ06sQCCoKvAWyOFRIVN7qASQ1Zjecae7XNi_SIVDGt4XQNr9uuxNpqLIu5x1YPgV7dogutWeHr354mgCT0660dQ02Ms1FJqfFvBJyAawDw&sig=Cg0ArKJSzF8zybD391-cEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 7A69
145 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
39b5497c89f88d014ce6f34a8d31600865ccffbbe379479c118fd7df7f611dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51303
x-xss-protection
0
server
cafe
etag
16928518849626267126
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:10 GMT
truncated
/ Frame 7A69
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9471b2dee2e6a56675ee3a793677cdd93c31dbcd2fb4f799936b9c66972bb1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
bl-34df212-55348960.js
tagan.adlightning.com/deseretdigital/ Frame 075C
58 KB
25 KB
Script
General
Full URL
https://tagan.adlightning.com/deseretdigital/bl-34df212-55348960.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7612bf30899c897f5dd4739769176e9ee77212be2f6c8c0dd3f91d97ca797197

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 00:22:46 GMT
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-version-id
5i.RvlsKGMbN9HpLe1Gw054ImJsyVWlI
x-amz-cf-pop
FRA60-P4
age
62006
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24640
x-amz-meta-git_commit
34df212
last-modified
Fri, 13 Oct 2023 00:17:10 GMT
server
AmazonS3
etag
"489748cf984112c1ef086729f57451e7"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
6P3rZ-TS15m4fYikdVogm_QXfoaxX5VZMgnjh7lNjO-lhxzp6NLd1Q==
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame 075C
79 KB
30 KB
Script
General
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 05:22:14 GMT
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
994438
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
0NzHRBQQ0IDKzX81Ll0vZCVACBIo9Avc2nLn4-jpa-Xf3s6xRI3tJw==
b-5f40b44-9f6c1b2b.js
tagan.adlightning.com/saambaa-deseret/ Frame 075C
80 KB
30 KB
Script
General
Full URL
https://tagan.adlightning.com/saambaa-deseret/b-5f40b44-9f6c1b2b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6611a010c1c02623f19baee463ab2bd5d3ca94f8a6cd0219b243212fd1751423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 18:10:55 GMT
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-version-id
fP8PuZH8BatVq5HXfIsv4.6uZaG8ahhC
x-amz-cf-pop
FRA60-P4
age
1466716
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30497
x-amz-meta-git_commit
5f40b44
last-modified
Tue, 26 Sep 2023 18:10:17 GMT
server
AmazonS3
etag
"ee93a36c1860a5bf0ba3dd2972e0f548"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
OLf3Uclv20taea_G6v5QEf3vLqYGrJ9wT3SRBVQD-AIkfMn1NVc5ng==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 075C
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7f579ae91cdfe6c93a19438d8a2157b13701be2de0ec3e8d325ca7a1380eefc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9554
x-xss-protection
0
server
cafe
etag
16937250900786665832
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 075C
187 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:11 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/ Frame 7A69
393 KB
133 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.deseret.com&bust=31078772
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c2ab8c89a0b8c8fa12ee998135187c58086ffd6a372e962e2b28ab021364d97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136616
x-xss-protection
0
server
cafe
etag
16808064569265470274
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:11 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.deseret.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.deseret.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 13 Oct 2023 17:36:11 GMT
translator
hbopenbid.pubmatic.com/ Frame 41A9
0
57 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
date
Fri, 13 Oct 2023 17:36:10 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame 41A9
0
162 B
XHR
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.deseret.com
pragma
no-cache
date
Fri, 13 Oct 2023 17:36:11 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame 41A9
0
224 B
XHR
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x600x1-2%22%2C%22callback_id%22%3A%22445146c18750aa6%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694023353507843%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x600c_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&bust=1697218571167&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=23andMe%20confirms%20hack%20-%20Deseret%20News&w=1600&h=1200&pubcid=b630fe59-19be-4bfd-b089-389bb113a646&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b630fe59-19be-4bfd-b089-389bb113a646%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.102.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-102-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
pragma
no-cache
date
Fri, 13 Oct 2023 17:36:11 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 41A9
397 B
431 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=476778&zone_id=2832546&size_id=15&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=b630fe59-19be-4bfd-b089-389bb113a646%5E1&rf=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&tg_i.domain=deseret.com&tg_i.page=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&tg_i.pbadslot=%2F65889844%2Fron01_300x600c_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=467fcd15b96166e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x600c_desktop&slots=1&rand=0.9450066494478304
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
57059914e00813a77e707a972919541906253d82e823571e57e607e53c65289a

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:11 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
397
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame 41A9
729 B
976 B
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%224839903b766d9a8%22%3A%22740fb425cd9d318aa0a3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x600c_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&s=21f4f3f6-4477-486d-8577-fb75ebf57cb8&pv=282796d2-3362-458f-9417-f43fae56b9d2&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22deseret.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22deseret.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.70%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b630fe59-19be-4bfd-b089-389bb113a646%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
66f084c86539e386c751f9bca5e8d249ac1d60d8e123a1975c84d52c6bacd934
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:11 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-26
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
442
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 41A9
397 B
454 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409996&zone_id=2299322&size_id=15&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=b630fe59-19be-4bfd-b089-389bb113a646%5E1&rf=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&tg_i.domain=deseret.com&tg_i.page=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&tg_i.pbadslot=%2F65889844%2Fron01_300x600c_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=5017499e5b856fc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x600c_desktop&slots=1&rand=0.8249161795592757
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5400c4a1a648aaee69cae2ffb458dc101b1b0ee4f7ff8392b295cf937a6e2ea7

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:11 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
397
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ Frame 41A9
0
133 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
date
Fri, 13 Oct 2023 17:36:10 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
server
envoy
vary
origin, Accept-Encoding
pbjs
htlb.casalemedia.com/openrtb/ Frame 41A9
37 B
527 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692502
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
406ca377f1f4d3156d974a2e82666da491e51cd63f6255ed656c452fda0be859

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZSoo3MnMKq4b5%2BugA9ygTmq2%2FQ3NDzMzRo568Y1o4WsIKrYt50H6LkBLTV8TUC4grmT3nO1ZGFmYFoMz%2FR7kkyK1XUVigNR%2BcFWEwuSOd%2Bjri%2FG2vluY%2BcHc%2BuIOa0xkLbK8f0b"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
815957e5f8711b93-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
bid
ap.lijit.com/rtb/ Frame 41A9
24 B
402 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.14.14 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
14.14.251.63.unassigned.ord.singlehop.net
Software
/
Resource Hash
bd4cca3a6ddb7a2452b1bc5d56e978e4412ae2a6fb188c4852770d3b01b2c47d

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 13 Oct 2023 17:36:11 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.deseret.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
view
securepubads.g.doubleclick.net/pcs/ Frame 075C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvwtMriNtC5-iXIOz-zib07PzNaPkAFl3boFBwvbUOQPOj4KNLLDtI-JpVaA8orXs3gWCm9JYszQ1-Se_H2Iile4fgA_2gaNBXDRGuecOuYANUB0TqdI9WqLKR5ZP_lLAUfEipof3GHcu5EHFYeEDUfj4qCDb6JVTacPG06_-eMQB9UKgS74CCschRlRf7sjEZnYIYAz8Pm-iZroKJj9fP6vDMAvCDzpWsIW5aJ6ct9fxr8-CEDkWKLFmR6X0vJV9fNHcmhhjPU10ilNeTCio2sNDlMZSQc2mE8aMsZbnxiISgH_Ir8lIAok87tFWqRYXrr3jJe4hOE_lCVjrRt0JchVgOhW0JfIYZFcAQoY9L6EC0U5Zc&sai=AMfl-YQPjRTQw4kK-_ucLfiHF5pO8ZooLnJX90kQ0wKHkp2PzMJewWM2BmqTl8HnC-_Q6ffv9qFz_4aHwFuN5Ij-WSTduRa5AvVwRe-WcJQSqdKFDkr5-zZgxbhgEkqbhw&sig=Cg0ArKJSzFHkrNTenp7WEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 075C
145 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7800cba817ddd827d37dbdc366aa6dd118d321008877022eb1ba91a146905084
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51302
x-xss-protection
0
server
cafe
etag
12409950240656452715
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:11 GMT
truncated
/ Frame 075C
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27f9865762c2558b3aa876075ddaa279924fb9a4d6be3d6ca625eee295c1757c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
cookie.js
partner.googleadservices.com/gampad/ Frame 7A69
12 B
100 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.deseret.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D73cbd3e445d0b158-22ad1e73d6e7006f%3AT%3D1697218566%3ART%3D1697218569%3AS%3DALNI_MbmmAvVybUAJTPLvS0nsd_wFab16A&gpic=UID%3D00000c9791d8bde3%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_MYcNdJCko0qIgnfIPVSyO_M5mg1Uw
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DE04
603 B
65 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=4198764255&pi=t.ma~as.RON_300x250_House&w=300&lmt=1697211371&url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697218570922&bpp=194&bdt=407&idt=469&shv=r20231011&mjsv=m202310100101&ptt=5&saldr=sd&cookie=ID%3D73cbd3e445d0b158-22ad1e73d6e7006f%3AT%3D1697218566%3ART%3D1697218569%3AS%3DALNI_MbmmAvVybUAJTPLvS0nsd_wFab16A&gpic=UID%3D00000c9791d8bde3%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_MYcNdJCko0qIgnfIPVSyO_M5mg1Uw&correlator=1464624138789&frm=23&ife=4&pv=2&ga_vid=1727420462.1697218566&ga_sid=1697218571&ga_hid=742970120&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=779&biw=1600&bih=1200&isw=300&ish=250&ifk=228789091&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078597%2C31078600%2C31078702%2C42531705%2C44801484%2C44805099%2C44805681%2C31078297%2C31078772%2C31078772&oid=2&pvsid=2656168397849019&tmod=655187950&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qhlwfk7gfcuc&fsb=1&dtd=483
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 17:36:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 41A9
27 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3190151112419911&correlator=2175705872842896&eid=31078820&output=ldjh&gdfp_req=1&vrg=202310100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x600c_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=4&didk=4289700377&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D73cbd3e445d0b158-22ad1e73d6e7006f%3AT%3D1697218566%3ART%3D1697218569%3AS%3DALNI_MbmmAvVybUAJTPLvS0nsd_wFab16A&gpic=UID%3D00000c9791d8bde3%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_MYcNdJCko0qIgnfIPVSyO_M5mg1Uw&abxe=1&dt=1697218571428&lmt=1697211371&adxs=1050&adys=779&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=85mtbhs873ru&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&ref=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&top=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&vis=1&psz=300x0&msz=300x250&fws=256&ohw=0&ea=0&psts=AOrYGsm24b8W4U0wJoLc7_l7Pe301v0DZohMT9McMrxdCNk9B7VKxs_BpYaoBV9ERSy_4BkDKXsajQ94uu6TSrHHvm-d4P1-%2CAOrYGslUjC_jeryBF6wf7_4Do8upyQqpZDLzz427lABsJLSEX7msFZ68-3DABN7IOZk1xRYECGzBQP-CKWcTtJDhXbYMx6RT&ga_vid=1727420462.1697218566&ga_sid=1697218569&ga_hid=1835518903&ga_fc=true&dlt=1697218566916&idt=1281&adks=100925982&frm=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dbb046fa72c876cca5055197f78751f09b508b0e8d22e07ee9c36fb0836cabac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11770
x-xss-protection
0
google-lineitem-id
6101519259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403344102
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310040101/ Frame 075C
390 KB
132 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.deseret.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
863a106e2dd7f8bf8205a9fca14cd7a6932babd22c16087b458155a9f3ee89ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135483
x-xss-protection
0
server
cafe
etag
15247867649554037192
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:11 GMT
bl-34df212-55348960.js
tagan.adlightning.com/deseretdigital/ Frame 582E
58 KB
25 KB
Script
General
Full URL
https://tagan.adlightning.com/deseretdigital/bl-34df212-55348960.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7612bf30899c897f5dd4739769176e9ee77212be2f6c8c0dd3f91d97ca797197

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 00:22:46 GMT
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-version-id
5i.RvlsKGMbN9HpLe1Gw054ImJsyVWlI
x-amz-cf-pop
FRA60-P4
age
62006
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24640
x-amz-meta-git_commit
34df212
last-modified
Fri, 13 Oct 2023 00:17:10 GMT
server
AmazonS3
etag
"489748cf984112c1ef086729f57451e7"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
-HOiYc6L2wZueivxDIAsB2WcwkxSfFiOiw5kxnAKZFEAaMK6JHTqHQ==
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame 582E
79 KB
30 KB
Script
General
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 05:22:14 GMT
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
994438
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
jCufw42RikwsQ6K1V0vqwgrV2VRFrjEKIm09wVqVtW6FQHJ-xyzp8w==
b-5f40b44-9f6c1b2b.js
tagan.adlightning.com/saambaa-deseret/ Frame 582E
80 KB
30 KB
Script
General
Full URL
https://tagan.adlightning.com/saambaa-deseret/b-5f40b44-9f6c1b2b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6611a010c1c02623f19baee463ab2bd5d3ca94f8a6cd0219b243212fd1751423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 18:10:55 GMT
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-version-id
fP8PuZH8BatVq5HXfIsv4.6uZaG8ahhC
x-amz-cf-pop
FRA60-P4
age
1466716
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30497
x-amz-meta-git_commit
5f40b44
last-modified
Tue, 26 Sep 2023 18:10:17 GMT
server
AmazonS3
etag
"ee93a36c1860a5bf0ba3dd2972e0f548"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
88mY5CO6l0Xp0Kksvv9GeWx3cDc_X4yBSeKgYnAq7wE9mijBLd0qKA==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 582E
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a569435118aa25840b4faa2e74e282f780f98c1fda20e5025360e862d4866f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9562
x-xss-protection
0
server
cafe
etag
1998168917711665506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 582E
187 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:11 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 075C
12 B
53 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.deseret.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D73cbd3e445d0b158-22ad1e73d6e7006f%3AT%3D1697218566%3ART%3D1697218569%3AS%3DALNI_MbmmAvVybUAJTPLvS0nsd_wFab16A&gpic=UID%3D00000c9791d8bde3%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_MYcNdJCko0qIgnfIPVSyO_M5mg1Uw
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 78DA
603 B
65 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=4198790040&pi=t.ma~as.RON_300x250_House&w=300&lmt=1697211371&url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697218571364&bpp=143&bdt=360&idt=390&shv=r20231011&mjsv=m202310040101&ptt=5&saldr=sd&cookie=ID%3D73cbd3e445d0b158-22ad1e73d6e7006f%3AT%3D1697218566%3ART%3D1697218569%3AS%3DALNI_MbmmAvVybUAJTPLvS0nsd_wFab16A&gpic=UID%3D00000c9791d8bde3%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_MYcNdJCko0qIgnfIPVSyO_M5mg1Uw&correlator=1464624138789&frm=23&ife=4&pv=1&ga_vid=1727420462.1697218566&ga_sid=1697218572&ga_hid=1668355029&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=779&biw=1600&bih=1200&isw=300&ish=250&ifk=249541241&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078599%2C44795922%2C44805098%2C44805333&oid=2&pvsid=3419755253331875&tmod=950078835&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8q7jjc6bxq0c&fsb=1&dtd=407
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 17:36:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 582E
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSiRsNA9E3Q-Xy4dnlvrPXWt0akr2Hecyn5KbcMd_23zuJbCtmN0tV90C5g3LiQ8Az49imOvnLj_wMTcR36cvcCt1CnU2lRacpnhE0oU-o5jIeT2ts8y5fSKnMqhzE0FgarMj1VvUvCVdr26-HwvJQVdTbAtv6jjb4OZMwyVJkdv9yPLTUWO9ui5ikCD4lGzz0fp4VmAmFUlVKYM0-PTgWrS1pnqoC4hiZXd-3WWw4Dxh9xVvmnAXusrorex-lUrj9okQ5KAQl51l6gCHL87xdYS7iNBSncvjf8uzSrZGg7viH5kOaGyXnkPyWDP53mjec0IG4ocSpMDnskyezkd4&sai=AMfl-YQXJeA8oTCocuZ5sxyML4WtMmGfrOyqIUeiu3fBRKyIe1vTyRgxxHL48-lDOn-sWn9ZSHXwZf1iy_G-neUtpYmtvlLvCGNPjURjsIn7te26HtfpefbM7L9PIXtclQ&sig=Cg0ArKJSzHCLKMyW4aXvEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.deseret.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.deseret.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 13 Oct 2023 17:36:12 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 41A9
397 B
431 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409996&zone_id=2299322&size_id=15&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=b630fe59-19be-4bfd-b089-389bb113a646%5E1&rf=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&tg_i.domain=deseret.com&tg_i.page=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&tg_i.pbadslot=%2F65889844%2Fron01_300x600d_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=59a2db2c9ad1484&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x600d_desktop&slots=1&rand=0.2479824009220739
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8ac0061deef474552d741b1c80204311490bc9676c6dd1fb9cc9e279f0ddf59d

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:12 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
397
expires
Wed, 17 Sep 1975 21:32:10 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 41A9
0
162 B
XHR
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.deseret.com
pragma
no-cache
date
Fri, 13 Oct 2023 17:36:12 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 41A9
397 B
454 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=476778&zone_id=2832546&size_id=15&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=b630fe59-19be-4bfd-b089-389bb113a646%5E1&rf=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&tg_i.domain=deseret.com&tg_i.page=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&tg_i.pbadslot=%2F65889844%2Fron01_300x600d_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=6322e5697fb3ba4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x600d_desktop&slots=1&rand=0.4904524398968577
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8091a6db08c1258bfc46110283fbae80bb702e651805b9c9b4cb055d71b540a9

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:12 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
397
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame 41A9
24 B
402 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.14.14 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
14.14.251.63.unassigned.ord.singlehop.net
Software
/
Resource Hash
208f58092fbda7a5d1e838ff838121819de499ba1c3002ee12515eb2944283b2

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 13 Oct 2023 17:36:12 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.deseret.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
trinity.json
apex.go.sonobi.com/ Frame 41A9
729 B
975 B
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%226702d1af20dab22%22%3A%22740fb425cd9d318aa0a3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x600d_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&s=5e36f9ce-4f5a-472b-8048-7e99f7b079cc&pv=282796d2-3362-458f-9417-f43fae56b9d2&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22deseret.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22deseret.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.70%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b630fe59-19be-4bfd-b089-389bb113a646%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
fd35d12b17ce478452e385da6327c1d7d65218dbcf54ec63e728857afae15b90
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:12 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-26
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
441
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ads.yieldmo.com/exchange/ Frame 41A9
0
224 B
XHR
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x600x1-3%22%2C%22callback_id%22%3A%2269837d6cc35954f%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694023353507843%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x600d_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&bust=1697218572029&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=23andMe%20confirms%20hack%20-%20Deseret%20News&w=1600&h=1200&pubcid=b630fe59-19be-4bfd-b089-389bb113a646&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b630fe59-19be-4bfd-b089-389bb113a646%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.102.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-102-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
pragma
no-cache
date
Fri, 13 Oct 2023 17:36:12 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
c
prebid.a-mo.net/a/ Frame 41A9
0
158 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
date
Fri, 13 Oct 2023 17:36:11 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
32
server
envoy
vary
origin, Accept-Encoding
translator
hbopenbid.pubmatic.com/ Frame 41A9
0
57 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
date
Fri, 13 Oct 2023 17:36:10 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 41A9
37 B
486 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692502
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
473530af7484801caacd30c0b758ddb90042a83118d02f2f7dbffdf79d763e32

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4JlD5PGrAcDipqqHAplL1PR%2FHlLSOpXHr%2B3hEiohmZcyhRH6%2Flgm0L%2B8j7t5c5OS8zaDli9fIUGGQLsiA3lWym5XnKCyddwBt4gL%2FxFFeJIT5PCE0iC3ztrbQDimUXoINV73mBq"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
815957eb58f11b93-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 582E
145 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56f34b0c31a1134660c5f07b8ed056f53707565b3fab062e3ac2425bf70a80c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51305
x-xss-protection
0
server
cafe
etag
1203081234751776232
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:12 GMT
truncated
/ Frame 582E
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa228570b3dcdecf3ebc24c2ead296c44536592954ac7b23927a4a820ef1b329

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 7A69
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsaRaeheftEEJ4OwMAGRDwN80E7K3m9AUFluibFCsXIieCOif3o9ZLvKZZ1CyNjyDwthI7bC_uKVAPPx2z8y0G3KGKbn0OP3ifYC4lCWU1u8iV5UVacwxqfTcO6YtDxFa-RkgzoGeJoceABxjeWGC3UdV-Ytd3rx88uflKvxLAHT22ic80PKonFCqxTWPWKH8nogYeVd4rkCtYRKja2oqq_3zYCtBiJ2bCSHHfsJm8OWuYegHNiSmI77vE0u6KZRmOYLtn8BsJNaZtdEir4YKxeAGYUnpcxMZ2bFwwOSjFHYgIla_a9kB1hPb4dZm-vDtnVvrnb4UUQT65NqQXx5JD&sai=AMfl-YQoA9kJRWKYKLCTlmuE37uJyN3WDbDwARP_NEkZLgIHXjBXaxiC7QQDjfZD1tgdZsnWTWh01sisCkzQxOxHss6TXhdneHfXbuLL42tVFdraMQXUV9A0XiVVSwqbjw&sig=Cg0ArKJSzLXdpOPB3o1dEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 13 Oct 2023 17:36:12 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7A69
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.deseret.com&bust=31078772
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a1b5f12778dc4fec2b6b275b72cd0f450b4adbd001235e02d17f736668b6420
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12200
x-xss-protection
0
auction
prebid-server.rubiconproject.com/openrtb2/
187 B
475 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
64d945ceae701d427a8403ede490a4bec77749b4626b9ac295c0f87a2051721f

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
177
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
474 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
699a0fed2799419afa73ab1e049cbf8d610f12f20c9f1ec9cfadcef5c5511ff1

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
474 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a4411369983a3d3d64ed7651311ca28a5de5721a221a9aeb66774626029fbc77

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
474 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
6eeef958cb9239615d044262c6a085e5dd7bcc6eff1a937d389c6a4aa318f342

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
474 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
f2309f0271c218fdd5520d0100c7f9404dda13d2915ce9638271c351e8938a8e

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
185 B
472 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
213a40aff22938f7f70af43c23efe6bddf039713f041dd94ffe72ef5bac1b701

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
474 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
561b4ed2789b7e1985ee47ece459173eaacde99dbb9ec70689bce14d67a87d08

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
474 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
6b65062c13b1fbf5e4b11a7686da59324356a8aa87ec22ed9a988a295c55f82f

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
Expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7A69
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 13 Oct 2023 17:36:12 GMT
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
471 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
7ce817e90950ca862e6deb41fd7a7da9a5ae489773daf3f6a12419d25b6080bb

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
471 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
5bbb3d0ea4664762ea97374ae3b004b50f62a2f6560ceae6507f9f12cb4467b9

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
471 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
9042a5ce9344f28ad315e788072361290d48eea825c4ad9f576c2e965ca8fdea

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
184 B
470 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
d68bcb5dddd299115f4f8437d744ff4466f64d12a7d658b73236e5ebbc959647

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
172
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
471 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
98acdc90ef59253b10fb7b9b0e8c6929657cadbc177ef8c4123c702791422170

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/ Frame 582E
393 KB
133 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.deseret.com&bust=31078722
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e30ea2364333779a7465bf5888be57e21d793c3ce1f97cb7fd24a75cae90b33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136612
x-xss-protection
0
server
cafe
etag
9470709476227168253
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:12 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 075C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3TZH529sdJwrCgCKKQY3hcGJjVzNjUS634l54jpaLp06RO8NgEjs-5lIGavEtf-Y4vq0D5T2jYzVB3qtIyAsZN--q9cQYsiLxv72eZpEZLyAXqutsTA0i5qpda_nP6Lwmh86UrcxukF8f9ceLosYuQe59FrFg4MHSca3cGDb0CmDkpAGqlBq89VWPaIuA0eD5XGDyvOEjH0pqbJBS2Jcy9VGCwn6JXVhD8aF7okouZUu9l9ybIegD5aWfU_RjFQTnWzPJb_OWzJT7AwdcdCt15yi6-xxx_-zcDPjPUpV8YtF1_xt2zXSDQ2I6VHNX0Hjuuyy4XCFsbtSGzk1ucHI1BwoWWexUTRjdQnBrYeKL825zG6XMYyc&sai=AMfl-YSOglMTrWgcoLlMfbBICcXRSbH3V6ezo7PURZOgDJtY0v2sO0Nr4FGiLD1wPMzComHt24fyXtaBbAIlwkqdT3RDGMzt0RSj57tJUzTjUntq9fqSwJvWEg-oijOkSw&sig=Cg0ArKJSzEWSKSRSBdpsEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 13 Oct 2023 17:36:12 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 075C
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.deseret.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c11dcf891fdf84ea7f0725ba098fe4213c047755c8ffc6627306a8e04bbfa773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12296
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 41A9
27 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3190151112419911&correlator=2092021542637470&eid=31078820&output=ldjh&gdfp_req=1&vrg=202310100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x600d_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=5&didk=4289700376&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D73cbd3e445d0b158-22ad1e73d6e7006f%3AT%3D1697218566%3ART%3D1697218569%3AS%3DALNI_MbmmAvVybUAJTPLvS0nsd_wFab16A&gpic=UID%3D00000c9791d8bde3%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_MYcNdJCko0qIgnfIPVSyO_M5mg1Uw&abxe=1&dt=1697218572249&lmt=1697211372&adxs=1050&adys=779&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=mylufxae6qc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&ref=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&top=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&vis=1&psz=300x0&msz=300x250&fws=256&ohw=0&ea=0&psts=AOrYGsm24b8W4U0wJoLc7_l7Pe301v0DZohMT9McMrxdCNk9B7VKxs_BpYaoBV9ERSy_4BkDKXsajQ94uu6TSrHHvm-d4P1-%2CAOrYGslUjC_jeryBF6wf7_4Do8upyQqpZDLzz427lABsJLSEX7msFZ68-3DABN7IOZk1xRYECGzBQP-CKWcTtJDhXbYMx6RT%2CAOrYGslaSoRWKyWbbaYYWzZfTa_j1fqAmtLjFDEjmirmSGPd4R5Gmjukdsezc7d1u6R9n1vsYedphc3We-m6Ille6FAo3N8Q&ga_vid=1727420462.1697218566&ga_sid=1697218569&ga_hid=1835518903&ga_fc=true&dlt=1697218566916&idt=1281&adks=1528309445&frm=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7311da78afeb95caf1c39d060da9e270025ed152fc0ea3f6c73b77f0ecdbb3ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11831
x-xss-protection
0
google-lineitem-id
6101519259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403346211
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9D9D
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
949
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 17:20:23 GMT
expires
Sat, 12 Oct 2024 17:20:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B5D9
829 B
560 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cfc14eabc9c31e697dfbd7eea7f1e9514fe9e0beb0531025fa59cebcae95dc99
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HuIPPiu9QleGHv4ukvxfXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-HuIPPiu9QleGHv4ukvxfXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 17:36:12 GMT
expires
Fri, 13 Oct 2023 17:36:12 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame 9D9D
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:02:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
2011
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Oct 2024 17:02:41 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 075C
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 13 Oct 2023 17:36:12 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B5D9
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=2656168397849019&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 13E2
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
949
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 17:20:23 GMT
expires
Sat, 12 Oct 2024 17:20:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FA3E
829 B
561 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
851c318e4607c8b961ec40adb8d8d2bf234a7eff03ac9b67722d9a4f804be782
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7QAmv4jHyqVwV41TMz4q6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-7QAmv4jHyqVwV41TMz4q6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 17:36:12 GMT
expires
Fri, 13 Oct 2023 17:36:12 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame 9D9D
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?Cz68dA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookie.js
partner.googleadservices.com/gampad/ Frame 582E
12 B
53 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.deseret.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D73cbd3e445d0b158-22ad1e73d6e7006f%3AT%3D1697218566%3ART%3D1697218569%3AS%3DALNI_MbmmAvVybUAJTPLvS0nsd_wFab16A&gpic=UID%3D00000c9791d8bde3%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_MYcNdJCko0qIgnfIPVSyO_M5mg1Uw
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 06E8
603 B
65 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=4198791073&pi=t.ma~as.RON_300x250_House&w=300&lmt=1697211372&url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697218572038&bpp=176&bdt=383&idt=435&shv=r20231011&mjsv=m202310100101&ptt=5&saldr=sd&cookie=ID%3D73cbd3e445d0b158-22ad1e73d6e7006f%3AT%3D1697218566%3ART%3D1697218569%3AS%3DALNI_MbmmAvVybUAJTPLvS0nsd_wFab16A&gpic=UID%3D00000c9791d8bde3%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_MYcNdJCko0qIgnfIPVSyO_M5mg1Uw&correlator=1464624138789&frm=23&ife=4&pv=1&ga_vid=1727420462.1697218566&ga_sid=1697218572&ga_hid=1267103597&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=779&biw=1600&bih=1200&isw=300&ish=250&ifk=3430577611&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805099%2C44805113%2C44805534%2C31078301%2C31078722%2C31078680&oid=2&pvsid=1324081584673198&tmod=1786617360&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oj8ror2wocvv&fsb=1&dtd=450
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 17:36:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame 13E2
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:02:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
2011
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Oct 2024 17:02:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FA3E
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=3419755253331875&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

bl-34df212-55348960.js
tagan.adlightning.com/deseretdigital/ Frame 0D04
58 KB
25 KB
Script
General
Full URL
https://tagan.adlightning.com/deseretdigital/bl-34df212-55348960.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7612bf30899c897f5dd4739769176e9ee77212be2f6c8c0dd3f91d97ca797197

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 00:22:46 GMT
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-version-id
5i.RvlsKGMbN9HpLe1Gw054ImJsyVWlI
x-amz-cf-pop
FRA60-P4
age
62007
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24640
x-amz-meta-git_commit
34df212
last-modified
Fri, 13 Oct 2023 00:17:10 GMT
server
AmazonS3
etag
"489748cf984112c1ef086729f57451e7"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
2rRMo42a7IITXwNdwiBvjsqKdWGM5T8yWIIZu_IFcsQpAhrSGA-4Iw==
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame 0D04
79 KB
30 KB
Script
General
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 05:22:14 GMT
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
994439
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
UMtbCbxC021Wfs-7On0Wm3p1V-7k25kJoJCW1lyCIZCQvRDzmZP2yg==
b-5f40b44-9f6c1b2b.js
tagan.adlightning.com/saambaa-deseret/ Frame 0D04
80 KB
30 KB
Script
General
Full URL
https://tagan.adlightning.com/saambaa-deseret/b-5f40b44-9f6c1b2b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6611a010c1c02623f19baee463ab2bd5d3ca94f8a6cd0219b243212fd1751423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 18:10:55 GMT
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-version-id
fP8PuZH8BatVq5HXfIsv4.6uZaG8ahhC
x-amz-cf-pop
FRA60-P4
age
1466717
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30497
x-amz-meta-git_commit
5f40b44
last-modified
Tue, 26 Sep 2023 18:10:17 GMT
server
AmazonS3
etag
"ee93a36c1860a5bf0ba3dd2972e0f548"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
WV18Y-q918zflE5y9X9bDMgzXdPMrQzSdRoAzyXHqjTWXHUNF99JUw==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 0D04
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85def7b2fa112c08016ff6d8e9f49af9bcd4c21077ed7df9de49446f83444af5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9552
x-xss-protection
0
server
cafe
etag
17209640845942865357
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0D04
187 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:12 GMT
track
track1.aniview.com/ Frame 7413
0
120 B
Ping
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.deseret.com&rs=www.deseret.com&sid=30279&t=1697218568&cip=80.255.7.105&sn=214965&tgt=0&osv=10&bv=118.0&brn=Chrome&wi=764&he=429&app=&AV_PUBLISHERID=58a5addb28a0612d3529bc5e&test=&d64=607e8d752ac0e215447f7346ba47f267&d63=607e8d752ac0e215447f7346ba47f267&aafaid=&proto=https&uid=60f30b9c3720125f881db5d8b436ded5&cha=0.7&stagid=&stplid=&d35=&d36=6.2.134&cb=3831785728&d39=&d65=&d66=&d74=&d56=&apppkg=&cd3=9837681&cd4=footer&cd5=11741-89554-81574%2C12712-0-%2C12820-91493-91494&cd1=AR_1%23FMS_CP_1&cd2=11741-89554-81574&d9=1000&d37=realtime&AV_WIDTH=764&AV_HEIGHT=429
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.31.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-31-210.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 13 Oct 2023 17:36:13 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.deseret.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.deseret.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 13 Oct 2023 17:36:12 GMT
bid
ap.lijit.com/rtb/ Frame 41A9
24 B
402 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.14.14 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
14.14.251.63.unassigned.ord.singlehop.net
Software
/
Resource Hash
d8ae75e271d4fa610a8953650e608620badb7a0bdd6e79518637c6cc719cc0a9

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 13 Oct 2023 17:36:12 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.deseret.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
c
prebid.a-mo.net/a/ Frame 41A9
0
158 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
date
Fri, 13 Oct 2023 17:36:12 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
server
envoy
vary
origin, Accept-Encoding
prebid
ads.yieldmo.com/exchange/ Frame 41A9
0
224 B
XHR
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x600x1-4%22%2C%22callback_id%22%3A%2282871bf531350d1%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694023353507843%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x600e_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&bust=1697218572817&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=23andMe%20confirms%20hack%20-%20Deseret%20News&w=1600&h=1200&pubcid=b630fe59-19be-4bfd-b089-389bb113a646&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b630fe59-19be-4bfd-b089-389bb113a646%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.102.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-102-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
pragma
no-cache
date
Fri, 13 Oct 2023 17:36:12 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 41A9
397 B
431 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409996&zone_id=2299322&size_id=15&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=b630fe59-19be-4bfd-b089-389bb113a646%5E1&rf=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&tg_i.domain=deseret.com&tg_i.page=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&tg_i.pbadslot=%2F65889844%2Fron01_300x600e_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=84dbd9ab341ac19&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x600e_desktop&slots=1&rand=0.3302810022086815
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a86b6ad9e03d76408d611ce4b65f88621293e051372219a82e1d43807e13b540

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:12 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
397
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 41A9
0
57 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
date
Fri, 13 Oct 2023 17:36:12 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame 41A9
0
162 B
XHR
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.deseret.com
pragma
no-cache
date
Fri, 13 Oct 2023 17:36:12 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame 41A9
729 B
976 B
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2290b2842c023456b%22%3A%22740fb425cd9d318aa0a3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x600e_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&s=d3e26e90-cb4b-4ded-a3bb-8736eb7e6b02&pv=282796d2-3362-458f-9417-f43fae56b9d2&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22deseret.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22deseret.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.70%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b630fe59-19be-4bfd-b089-389bb113a646%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
3c52770decff78dd33de00350f66a0122a6a219ed2b54552c14bbc841de6c833
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:12 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-26
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
442
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 41A9
397 B
454 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=476778&zone_id=2832546&size_id=15&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=b630fe59-19be-4bfd-b089-389bb113a646%5E1&rf=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&tg_i.domain=deseret.com&tg_i.page=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&tg_i.pbadslot=%2F65889844%2Fron01_300x600e_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=92cba14c99bab53&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x600e_desktop&slots=1&rand=0.5141847222256595
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
419d1a0b783f3fe9c285418aab08070d30a89c27f9653cce5b5ec4b5f6b6b1da

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:13 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
397
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 41A9
37 B
488 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692502
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56391c7d82d24016329c0ca1330dd8b1ab5a767bcc324577bcea10f5692d5fab

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z0wugyF5pDBcgX0cjLFP0DUnOcWLhjTSnpBoEgnx6YkD5uagGnAlKi3ECXXAB9R%2Bs5%2BLhDS%2BogJKaL6xxwW%2BMF5w2KgTZ5qHpjSOOBUeagSEDFIazzKpAxidAqOnc5KFSgJ%2Biqj9"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
815957f058671b93-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 0D04
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxBXmMpKzyZEy2xgqTvi4pMkqs5NKwQLOSvp8L6ytZP64zX6B3yA0GTShmF_tCJaSZp39noMtm_9qVhtH14_GD4nkpKfnp4jAxQ-FtUNMQ-q5BwHhlPwLDQf2LpDk05FRQwNaQmif5_gUXdiZmWLfpQNtf89UcWJHE73xkD6laUM_TOsbGImEZDE_jZWXvUKkDW5q9-nb5HWGowZs8kqiOWhwtIpUk3zgxWxJEgan8SczknmsAAVIT94Ke2xAilCTCut60qhZA4P2CdpjzgDZKyGCQMjUrZVVfAHDU7Y_nkv_hZ1wOuEacseopEHq2_ELqwiJOFApcIPUauVutLJIAwSQdFf5r4sfy0pcOcWsm9pmN_BIg&sai=AMfl-YQ6V_ss6NY0nZH1ufEIpSXTWHarwdyxmM7ja_ulK1UJuGrZrCRGzcDoBn94OfSX0bFhzl4yn-yiZdjkgVNbc8OSq5FcZE_iS3d6hchzdmgyDSA5dWOlCfA4DAuCig&sig=Cg0ArKJSzIS0q3szA_p7EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 0D04
145 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e26ec749b9aac9a2755f950c044afdcf9eaa48bd7b8b614b02368cc54a2d71f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51308
x-xss-protection
0
server
cafe
etag
4520008702967465875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:12 GMT
truncated
/ Frame 0D04
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72820ccc117593f5f58e2d40b0a53facd89edf4e47faa1fc99c02f6501f74224

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame 13E2
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?OIoA-g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 582E
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2vzci6FaiO-ZVfY8OvVOUBtm2B4U5SfK9j95z-gPBa2yWTa5KcL5yhBOhYjFLN2fTN85nCxH02DU1jVmczFPDXqTDuCDOkQERP9GU8L6UqIl0hvSZ1UNRVHga31hB_J0U8v3633xfH_WUxd4r6j1yDoW8C9JLzVZQZ_xuhTfcbSOEIuOeei1rH5D0ybGvlYiDNRLsezohgPhcBZL1ZjbgAET6fTyBeEeGBQPN6VVurKlp4gQxOth3EKlpw50kq-37yyH6NrSVI4xPOHsS_IlGbv5suC-_w37tuW1BOJeKe-gHcmv4hBmh4NMiGJ21GnqPQ0xch38bo3JM-CWyxo0SMw&sai=AMfl-YQvR_vp_eph3iP9hM6gOSX5f2S604v8sDsF8DiGglU3fpq3WB0bXtVk165OdC5T8ks-qauxeCd5ItjNyM2cxNYPkrxQQPL6YjlxJeBpaUTKsR9mN7y1SCh7fs3OwQ&sig=Cg0ArKJSzITf2AYiBP0qEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 13 Oct 2023 17:36:13 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 582E
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.deseret.com&bust=31078722
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f80d4902d2d0633e4c5982135fcae529ff5e22b89fa56cb4614c8cbf94e1431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11964
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310040101/ Frame 0D04
390 KB
132 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.deseret.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6473ac6e3cb107ba27f5fc43eecdb1bcc2d84bf488c7493f43c16c3f3d926c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135482
x-xss-protection
0
server
cafe
etag
15061975727113944113
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:13 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 582E
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 13 Oct 2023 17:36:13 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7A69
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYbbU_gPhdvKmpDZz1Qm-m1dJglDYqxqPsYkj1DTF3yEhlqVnqiIivWkgo4k7bOktQ4GtlIe3JZ8w5Bz9rrsj7v1X6fwiA1O4SkyGp0_cGW5lwHjmE7_yGvMamdggq&sig=Cg0ArKJSzBwvADafEgcvEAE&id=lidar2&mcvt=1009&p=778,1050,1028,1350&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20231011&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1191632890&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697218570516&rpt=1549&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 41A9
27 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3190151112419911&correlator=1538374876519972&eid=31078820&output=ldjh&gdfp_req=1&vrg=202310100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x600e_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=6&didk=4289700383&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D73cbd3e445d0b158-22ad1e73d6e7006f%3AT%3D1697218566%3ART%3D1697218569%3AS%3DALNI_MbmmAvVybUAJTPLvS0nsd_wFab16A&gpic=UID%3D00000c9791d8bde3%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_MYcNdJCko0qIgnfIPVSyO_M5mg1Uw&abxe=1&dt=1697218573115&lmt=1697211373&adxs=1050&adys=779&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=d4cfv07zmva0&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&ref=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&top=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&vis=1&psz=300x0&msz=300x250&fws=256&ohw=0&ea=0&psts=AOrYGsm24b8W4U0wJoLc7_l7Pe301v0DZohMT9McMrxdCNk9B7VKxs_BpYaoBV9ERSy_4BkDKXsajQ94uu6TSrHHvm-d4P1-%2CAOrYGslUjC_jeryBF6wf7_4Do8upyQqpZDLzz427lABsJLSEX7msFZ68-3DABN7IOZk1xRYECGzBQP-CKWcTtJDhXbYMx6RT%2CAOrYGslaSoRWKyWbbaYYWzZfTa_j1fqAmtLjFDEjmirmSGPd4R5Gmjukdsezc7d1u6R9n1vsYedphc3We-m6Ille6FAo3N8Q%2CAOrYGslxm9HOO3Z31ZDfL9tGXPa5D8O_rvzF30h1jCozkRsqBv2QLkMb-JTgVqyeOCKBDZ_kzIFrZiwtq25tvdY5RI8yJ3wE&ga_vid=1727420462.1697218566&ga_sid=1697218569&ga_hid=1835518903&ga_fc=true&dlt=1697218566916&idt=1281&adks=2719661029&frm=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2226e82cdb7ba5ced90dc5e3ebaa80468bfdd419275ed9217105e516e93f44b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11816
x-xss-protection
0
google-lineitem-id
6101519259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403346223
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7A69
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=2656168397849019&bg=!7e6l7qHNAAbFpEfJ5aQ7ADQBe5WfOC5_ZSZnZY5-zTC4fjy_J6LajNE8YjopEVJm8Kjw5Hob5TfXAmOHLNYBLn1HsF0RAgAAAJRSAAAABWgBB5kDHfm21kR0EJzKwxPQd-sl6l_NLYsclK39Lt0FxLqqau-bGUYaBe75h78A_Ca9fq62do4PfE8TSZ0JZkUN6Diq0ajgPwclkdcIf9MIxDFq0gCbDN2kv-6C1RzPCe9gkCCt_A5mY7e2OX-SEOkt05yhXVLr-sA9fyZDVOE-YW1g7ZeofOlYn_vRISXcMe6iGHsxoKuPTsxatngoF50SMwgbPO4oU4c_QZRLe_eodWMUIi-F6DkNUPVr1YFp3eRM_jKJzhz-dTr3gl6j1TuuhFP2BAndhYXnZsI25R6VLE_1El4tPCvNUebj9tIu5Veme1uGbk5t-1QVaSfcQWMCid82g45WEG72MH4TNpdUroEZ_uMqX617DVfnWIbDPrMwC3KLG5sioh0Wj2JoZ9GshFW50qiBTiHKHRflpUoxdAanivZvTf-8vDMbYmx6Mrb6eKsKih4JT0S-1sNgbEs3ENsjVXz4ioDNhWyfIgk1T3uLVdoW3FA8s9ftxHUpzhigYbV6N9IxLBtvxBmlI_rdgrhisWkCPECU1jwRVP5aIWTdjRrMU6A7_MbwfOYSa1GkCnyevcUCAMu7SAWADW-SYEtpkjYmwHBS3KtMI4OOgjm4J948NDDJ97FrWalfUujuIMtazt7xIJHrAEdNdtgEoTFa69mbLlo_NpKyniM8vF6I16BnbunbmZ5zhukbZZNy1W9sWIdu3eJrWuIbaev2NV1xlmio8LEzyF0gDYwzRiAzVMnCQw_Om8M_X-fLvJIPDTBFyzng0tXr_Nc_WuY8hNoc8qMrL0HYvsmFyvhhle-IMMRuv6j1rTIXv4g7O5VmWsas2MkgYlsRQRrOxRPu0_cbcBRu4Qok1DY2w4vysX-wRkvEYw3su22tP1RKAaOkoIcuhmQjNtowKdY915B4G-i4zCtS7c3oAs32CwfSDS7Ix-bxpbd9utBGgmFrq_Jpv8dNBx6GYOFLUvBMW2BT3LuSrHvPDMq71WbUNm7HUKA1aXE161JxeTCR0NvbJl3sYxyOReS1S_r3gJrp4N-hikg7WVQhrRIPAUyCN75lvhKB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E9C8
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
950
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 17:20:23 GMT
expires
Sat, 12 Oct 2024 17:20:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A8CC
829 B
557 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
263247e197c06426d8ea13a4daf38d5f4197d3663610497596bfaf3b41a16e18
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pavmpgJcowZyutKnab40jg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-pavmpgJcowZyutKnab40jg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 17:36:13 GMT
expires
Fri, 13 Oct 2023 17:36:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usync.html
eus.rubiconproject.com/ Frame 67E7
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 13 Oct 2023 17:36:13 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 2075
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
487
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
815957f3488d9bca-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 13 Oct 2023 17:36:13 GMT
expires
Fri, 13 Oct 2023 21:36:13 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame 6EEF
0
0
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Fri, 13 Oct 2023 17:36:13 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
pbcas
ads.yieldmo.com/ Frame 5A3B
0
0
Document
General
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.102.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-102-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Fri, 13 Oct 2023 17:36:13 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3363
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=41503
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 13 Oct 2023 17:36:13 GMT
expires
Sat, 14 Oct 2023 05:07:56 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
us.gif
sync.go.sonobi.com/ Frame 41A9
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5144588526877986703
49 B
446 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5144588526877986703
Protocol
HTTP/1.1
Server
72.34.250.75 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Oct 2023 17:36:14 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-34
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5144588526877986703
Date
Fri, 13 Oct 2023 17:36:13 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
x.bidswitch.net/ Frame 41A9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=c6ff1d08-9578-45d0-b385-dc426ad5b3e9&google_hm=YzZmZjFkMDgtOTU3OC00NWQwLWIzODUtZGM0MjZhZDViM2U5
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDxPIaY1rEkfelxZU3hjhBE&google_cver=1&ssp=sonobi&bsw_param=c6ff1d08-9578-45d0-b385-dc426ad5b3e9
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDxPIaY1rEkfelxZU3hjhBE&google_cver=1&ssp=sonobi&bsw_param=c6ff1d08-9578-45d0-b385-dc426ad5b3e9
Protocol
H2
Server
18.158.137.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDxPIaY1rEkfelxZU3hjhBE&google_cver=1&ssp=sonobi&bsw_param=c6ff1d08-9578-45d0-b385-dc426ad5b3e9
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
359
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 41A9
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=Kk4Q9XzeedD4KnZvw8d5&pi=sonobi&tc=1
49 B
446 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=Kk4Q9XzeedD4KnZvw8d5&pi=sonobi&tc=1
Protocol
HTTP/1.1
Server
72.34.250.75 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Oct 2023 17:36:14 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-39
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=Kk4Q9XzeedD4KnZvw8d5&pi=sonobi&tc=1
pragma
no-cache
date
Fri, 13 Oct 2023 17:36:13 GMT, Fri, 13 Oct 2023 17:36:13 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 41A9
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=9bd1696d-b702-41c6-8907-6b63692ce4f9&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=dl9MYkl3bkUwa3VCdVBDcHB6bDFkQQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESENtIZgxVCzNIOXgryAfkEeY&google_cver=1
49 B
486 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESENtIZgxVCzNIOXgryAfkEeY&google_cver=1
Protocol
H2
Server
208.93.169.131 -, , ASN (),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7ff97786c7-2t4x5
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESENtIZgxVCzNIOXgryAfkEeY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 41A9
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=8b725e5cd3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:13 GMT
server
Kestrel
content-length
70
content-type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame 075C
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuuC3RIYcmPYXGLwvKz_qc650MT0wJAPO-JEs-ULbNvtetnimqoHJUXonwIMabRYc7JkXUi1-JoJmM7wYVNBlKUwfAD6bZljfM-Xm6wbko1Mm6UgfFMgg4eXsH1s9hz&sig=Cg0ArKJSzHShyuWZf0NcEAE&id=lidar2&mcvt=1012&p=778,1050,1028,1350&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20231011&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1981094264&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697218571004&rpt=1226&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame E9C8
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:02:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
2012
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Oct 2024 17:02:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A8CC
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=1324081584673198&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cookie.js
partner.googleadservices.com/gampad/ Frame 0D04
12 B
53 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.deseret.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D73cbd3e445d0b158-22ad1e73d6e7006f%3AT%3D1697218566%3ART%3D1697218569%3AS%3DALNI_MbmmAvVybUAJTPLvS0nsd_wFab16A&gpic=UID%3D00000c9791d8bde3%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_MYcNdJCko0qIgnfIPVSyO_M5mg1Uw
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1F54
603 B
67 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=4198791690&pi=t.ma~as.RON_300x250_House&w=300&lmt=1697211373&url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697218572900&bpp=179&bdt=376&idt=385&shv=r20231011&mjsv=m202310040101&ptt=5&saldr=sd&cookie=ID%3D73cbd3e445d0b158-22ad1e73d6e7006f%3AT%3D1697218566%3ART%3D1697218569%3AS%3DALNI_MbmmAvVybUAJTPLvS0nsd_wFab16A&gpic=UID%3D00000c9791d8bde3%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_MYcNdJCko0qIgnfIPVSyO_M5mg1Uw&correlator=1464624138789&frm=23&ife=4&pv=1&ga_vid=1727420462.1697218566&ga_sid=1697218573&ga_hid=1361919658&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=779&biw=1600&bih=1200&isw=300&ish=250&ifk=1414285183&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31078363%2C31078600%2C44785292%2C44795921%2C44805099%2C44805336%2C31078301&oid=2&pvsid=1811280213203266&tmod=1665545535&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.z4sv2yy7ysa5&fsb=1&dtd=403
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 17:36:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bl-34df212-55348960.js
tagan.adlightning.com/deseretdigital/ Frame E183
58 KB
25 KB
Script
General
Full URL
https://tagan.adlightning.com/deseretdigital/bl-34df212-55348960.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7612bf30899c897f5dd4739769176e9ee77212be2f6c8c0dd3f91d97ca797197

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 00:22:46 GMT
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-version-id
5i.RvlsKGMbN9HpLe1Gw054ImJsyVWlI
x-amz-cf-pop
FRA60-P4
age
62008
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24640
x-amz-meta-git_commit
34df212
last-modified
Fri, 13 Oct 2023 00:17:10 GMT
server
AmazonS3
etag
"489748cf984112c1ef086729f57451e7"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
-Zh7Tt0cKh6dQ6kfcrI36-fk5s9CmiDIZ-EFPQQxsvGz5s4ita5y2A==
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame E183
79 KB
30 KB
Script
General
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 05:22:14 GMT
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
994440
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
cr4yOFQVNbYCLRu2ZgoRZ73BQvZdeG9Q89ZYPl-6AFPOXCxo76r2oA==
b-5f40b44-9f6c1b2b.js
tagan.adlightning.com/saambaa-deseret/ Frame E183
80 KB
30 KB
Script
General
Full URL
https://tagan.adlightning.com/saambaa-deseret/b-5f40b44-9f6c1b2b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6611a010c1c02623f19baee463ab2bd5d3ca94f8a6cd0219b243212fd1751423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 18:10:55 GMT
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-version-id
fP8PuZH8BatVq5HXfIsv4.6uZaG8ahhC
x-amz-cf-pop
FRA60-P4
age
1466718
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30497
x-amz-meta-git_commit
5f40b44
last-modified
Tue, 26 Sep 2023 18:10:17 GMT
server
AmazonS3
etag
"ee93a36c1860a5bf0ba3dd2972e0f548"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
GO4uI6hdMs4aOK7SqQkGbr1ViRcfQVreEZj1XKLlJF7k0h_g9s3fdw==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame E183
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5773678ff4935481f649101fcac332107a8d0695aa62dd4f1f04646aa1e1e546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9555
x-xss-protection
0
server
cafe
etag
13586251316952705007
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E183
187 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:13 GMT
usync.js
eus.rubiconproject.com/ Frame 67E7
38 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7ba0632bdd32881568ff9dcc614611875efe88ce3ee8de91d0a039f5fe9dbeca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 17:36:13 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Oct 2023 03:19:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34937
Connection
keep-alive
Content-Length
10835
Expires
Sat, 14 Oct 2023 03:18:30 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 3E49
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7156c007f6e1889bf2677f9d17690c85086f3ea44e9b63eefcac82f33d62009a

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
815957f4afbe1b93-FRA
content-encoding
br
content-type
text/html
date
Fri, 13 Oct 2023 17:36:13 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5NobMsAAYq2YwwhijVs61cWrdgRyA%2BE69gg1glx1GGXNpPxvHdDkd%2Bh501syCcOAbNzgAC2AzXIWn5TAjgRTE%2F%2BPMufmE39UNb5xoKdL2cqV0JadUqlabE92a%2FxZ6SeZVpHYd3wICBQlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
815957f44f363aa3-FRA
content-length
0
date
Fri, 13 Oct 2023 17:36:13 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPKgJf%2Fll72kP6dXrAtrnQgDp75JTaswli0fii%2B%2FnFIaXr4OouTzIaoHTElQ6nNICNsY7B4ihZoJ3yeP09CWNah3%2FRPWnO3IjSFEznzTHswnm8kc2YP4XMTbrY20IWsYHfWjjuJfasycBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 3363
5 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=73358750&p=161763&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e321adbc883a240ca38462b54e3b12c771c2d0d72cc816dd8e10bfa9d4f9c5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 13 Oct 2023 17:36:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
view
securepubads.g.doubleclick.net/pcs/ Frame E183
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKvrNqNMPRUcBzy22SQxSSlysWGJoufK7Sm9NRNR9bMFG1jwty_u6IFCIdu1Rk6WobGr2XRCwX0pP5k2lqxNf3CUiaVEqYGZyyDfOnfdwHtqmICMOu2R6HcKzKNo-IvhCU_Hm_tuA-AgPwpwD_KF4bPrbMC0gYcnqwEZCXZ-PhKYZeGfKADo_GbZkwAKYZSMzVSHSIhJdSFsAOrerV6TTuUGM66rHEGbXeQYcNV4fys8GowD_W9RL6yh_ZiJ6b5IG3nqZdUEH3Uty_sbVQBPHl_ZsHmYQI_p2fMfniIzBGdLhFrygEs665jOrezTfud5GFRHmBGEnPiAjyi4fyYseG82Z7Wp-HJCvVRKPrCk7SVD4QHy0C&sai=AMfl-YQnL5sKaJX8mfui_EnjCR3wEuNmLz3Q09slSENyk3BqSyax9SdTDmnHOB4eSF2RhnM-WLrQdgpedGm5vJE5j1vxmEusCeXQgkzScLy7-lJrUyeiAInn_Inbx6iZXw&sig=Cg0ArKJSzCAmPwczNsmKEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dcm
s.amazon-adsystem.com/ Frame 3E49
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSmADQ1vbrQA2WGyx2SooQAAFIwAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSmADQ1vbrQA2WGyx2SooQAAFIwAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSmADQ1vbrQA2WGyx2SooQAAFIwAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.128.147 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Oct 2023 17:36:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0P0T6V5MKPY1PPBTSAJY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 13 Oct 2023 17:36:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
65H5BNQSDS094GJS9RAB
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSmADQ1vbrQA2WGyx2SooQAAFIwAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 3E49
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:13 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame 3E49
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZSmADQ1vbrQA2WGyx2SooQAAFIwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJjEGSSlPNoMv6bz-bnZWhY&google_cver=1
43 B
734 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJjEGSSlPNoMv6bz-bnZWhY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UROx5btkXSuEzQoWpeKGitb827kUXSRSziD3jUhYfpEzaJb%2BXxzcl5gVL43Fu%2FCw7FNZxSSuIZGZddVPsmp4coHkItreavcJxnanqrG9lt8qwEuwwTHY8fYGhfjtDDwSYik1%2Fhhv%2BGX4xg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
815957f68ad51b93-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJjEGSSlPNoMv6bz-bnZWhY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3E49
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZSmADQ1vbrQA2WGyx2SooQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIh6bshoj8tFa1t_GiauHE4&google_cver=1
43 B
734 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIh6bshoj8tFa1t_GiauHE4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xty44fxtwBkb%2BmF9BuvQ8OIJUL5dp9jHp64iBr3AyTlNiQubn%2Bp2Ql9CxCjhgewwNowfQziFWsvV3IZXX7R%2Bjg44EWaXBfE%2BHHcB50lFevOdOxqjKUJqVPtcSOC5Ih2ST8G3PcJ0vdAmIg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
815957f77c7f1b93-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIh6bshoj8tFa1t_GiauHE4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 3E49
42 B
181 B
Image
General
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:bd88:aae0:b7b2:3334 -, , ASN (),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:14 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 3E49
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=5e1c385f-940e-4aca-9e97-01fc97f934ce&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
477 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=5e1c385f-940e-4aca-9e97-01fc97f934ce&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4jkrNhMUPS2AbhWy77hgTGV8itByD8ywA%2BxyYvugRdaqkWBQuc%2Bw9DRxa%2BpvUGjPVwhd9On6LpavShye6M2mAx9DVYrDgYtA0nfLF%2BUcXY6v4rZ2BZ8ff%2FHedpovTHAE78CDxCbF5X9krg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
815957f81dc71b93-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=5e1c385f-940e-4aca-9e97-01fc97f934ce&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Fri, 13 Oct 2023 17:36:14 GMT
server
_
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 3E49
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=RCPc093d1QRm585
43 B
735 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=RCPc093d1QRm585
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWFuqzFex7z951g7SIq0R10LCB7vk60ma%2BdntlmGxGeSvP0PK%2FUOE3Kf%2BS7WAC0KnsnTB7q17g4QdE5uj719bmJrz%2FYlQ7vj8SOuK0RvUVzkaI7ik1%2BHsSjiMKcB%2BpXahY2LBII3R55bEw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
815957f88e6a1b93-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 13 Oct 2023 17:36:13 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-0e3fa82937dfe784e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=RCPc093d1QRm585
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame 3E49
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D190%26external_user_id%3D%24UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2152010090563711636
43 B
546 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2152010090563711636
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJXT6w9kqJ%2Bl56VYFW5XIr9Zqypqh1gGuchBQsdaQ2zCEg5Eu9IWTqnHW1PQBAFkVp7Bb5kVptxSWsblXdSTQ8bbMjyun2DbBA5S28DJ8uhKub8dROVzEpUA89sXTH5mjH6jQn0f"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
815957f89ccf3aa3-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:14 GMT
an-x-request-uuid
f0bdde66-6fa0-4a43-ad2a-ad1bd07fefdc
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2152010090563711636
x-proxy-origin
80.255.7.105; 80.255.7.105; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 3E49
43 B
229 B
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZSmADQ1vbrQA2WGyx2SooQAA%265260
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.deseret.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:13 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
79879
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
815957f63c619bca-FRA
content-length
43
expires
Sat, 14 Oct 2023 17:36:13 GMT
khaos.json
token.rubiconproject.com/ Frame 67E7
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.deseret.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.deseret.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 13 Oct 2023 17:36:13 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 41A9
0
162 B
XHR
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.deseret.com
pragma
no-cache
date
Fri, 13 Oct 2023 17:36:13 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame 41A9
0
224 B
XHR
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x600x1-5%22%2C%22callback_id%22%3A%2210477dc73d3a85e7%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694023353507843%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x600f_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&bust=1697218573750&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=23andMe%20confirms%20hack%20-%20Deseret%20News&w=1600&h=1200&pubcid=b630fe59-19be-4bfd-b089-389bb113a646&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b630fe59-19be-4bfd-b089-389bb113a646%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.102.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-102-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
pragma
no-cache
date
Fri, 13 Oct 2023 17:36:13 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
trinity.json
apex.go.sonobi.com/ Frame 41A9
730 B
1 KB
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221065929879e3703d%22%3A%22740fb425cd9d318aa0a3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x600f_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&s=0a42595e-4dcc-48df-b98c-2192ed1319ee&pv=282796d2-3362-458f-9417-f43fae56b9d2&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22deseret.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22deseret.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.70%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b630fe59-19be-4bfd-b089-389bb113a646%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
76c081b45b34f6727f21f9fa33c6fb4bb8581444810d9f19a7972a8378a81955
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:13 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-26
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
443
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 41A9
25 B
403 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.14.14 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
14.14.251.63.unassigned.ord.singlehop.net
Software
/
Resource Hash
3a47a9e419e2a56f38482cd1a962128c07f564dc6b8da04537cb9511db009030

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 13 Oct 2023 17:36:13 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.deseret.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 41A9
397 B
431 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=476778&zone_id=2832546&size_id=15&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=b630fe59-19be-4bfd-b089-389bb113a646%5E1&rf=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&tg_i.domain=deseret.com&tg_i.page=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&tg_i.pbadslot=%2F65889844%2Fron01_300x600f_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=110b0ec137bf4bf8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x600f_desktop&slots=1&rand=0.9664095747666481
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c359ae486098095092b4d1a21fb6f3b90eb33b897d4562fc325d502d9902864f

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:13 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
397
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 41A9
397 B
431 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409996&zone_id=2299322&size_id=15&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=b630fe59-19be-4bfd-b089-389bb113a646%5E1&rf=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&tg_i.domain=deseret.com&tg_i.page=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&tg_i.pbadslot=%2F65889844%2Fron01_300x600f_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=1126e1f83ea6f0d5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x600f_desktop&slots=1&rand=0.28844296482278
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
14fde1fc9581046f67e8245200c45353b3988bc36c89eb91054571f2fefec359

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:13 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
397
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 41A9
38 B
484 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692502
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa5e6a5289779225c2aceef92a0c7c3ecaef8e1d3fdecaffa744605463b50867

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1RqMlOAfzSq%2FXLPKmv34wp5VoNNxN9MA9Vek63mosTEn188sLXPhSw0DOkjMwXfroDNEKPVMI3lTDgWig74GScgtZXtvh0Sh5djMFYnM%2Fd3fbBmitdrcr7%2FoKjft01nkfmT2Qu7"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
815957f61a181b93-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
c
prebid.a-mo.net/a/ Frame 41A9
0
135 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
date
Fri, 13 Oct 2023 17:36:12 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
17
server
envoy
vary
origin, Accept-Encoding
translator
hbopenbid.pubmatic.com/ Frame 41A9
0
57 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.deseret.com
date
Fri, 13 Oct 2023 17:36:12 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame E183
145 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad7830094b1e154ace221078961194631a1c8b06d103bc7b8822850199321d80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51307
x-xss-protection
0
server
cafe
etag
13335272445353537417
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:13 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 075C
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=3419755253331875&bg=!ra6lruHNAAbFpEfJ5aQ7ADQBe5WfOG7RJRmOdoZ2Ug0PliZLTqZl3kaGLML3dRbXph3IlV9zksWimgw2VCBC7Ibxiv_DAgAAAWlSAAAABWgBBwoARAlI9KNaotTPaUjx_AwB0pem3qlDkI6jmIVHYGDXh_GLR-j-LIL-79LBWE-rYwNRmo3D1WQU5CvDbqw5GkEQ6kHsLNw2mQMh4551SXY-5i3C18IdgTmU2H_lQZS-Pl4jPNlsFf00uPVdY71AlL4NHkyUi4W1MlBMUjqKSybiPbv3RTiYcuCJ9cTAwNnOtzdEOYHLFJkGrXIY3AbZkcRepZHQ9f-3lKxyhzc9kDf5-PGy3h-t7KBPcL6HGD-OXdqYjzeqCVxQTNCv9gjVFe4Ptarvp2zY5YMBOYFw4wY-wbHBVIDdPl1SgigGzIyT_a8SSFGIQfwBXPYfypCYKwNYL42efAlvMsIkV2YCloWNJdYg78DPFPTPDdn0x6fg15Dvf1phtF5SUDsdtZ_zaS4EjbCkR8-SoEhUtB4pB5hQfiBOHT7T60D860tj6CrF-GGx2mSUgQ6vb4qnDnDNL7-SV0j1KJAm1x9t94CZV5dGsbGaguC42XRszZfSc1ypM4aV8DYd27PaScagaMdx5NTg9ld2CGn-Jg-g3GXFhN_7B3ZW-KNytem_zliUrT3i9gEUT_4A9BAqG5IQN9VhofLhgdt070oAZ-LU-Oz9Z9KIbrxNLZO1sljz5P7yhW9D5xy68b6sKB804Ni8ZazZblwcbNNuPSUkr3SQNf2yhEjbJ9DiPr6Y6AjR64Y6gZ-EM-Qdve5j5UWqtdK_4147La3upLBBeIlSs_WB95NtGMCrq7mmTWCkGv-u-s7MKoVE-vty06bPKn9G9esUgOxuYQ_Qa_qdBbkVlFAbS48mLYpRZmHRLLhy-cg3Gi2gp4PyokBwUUPPXk_l8RVp_A8-AOjPtRHgnz_p5NFIitHVGgxP2YHro1Y_xV8aX9sY9RqbG2M-Y1BK4932Srn6UjuyMKDO-4yOeAXXDsphaVJYqfmytG3qGubNB5AWJ0czY-KrLa2vgP161mVVRW0lgR7ycTKEuW4KatUgxTNZI8OgdagaceXPlMn7s0p58SaK7RWIVH357qCHdpED3sdKwblayiDuZeUHpQEjtTWO_i520b1l9nTf1oFDWOao1MkJpRjUBZWixGhej4arFY7mmGoPsDQz26bvqKw9TwBgBudYVOPm7V-Mobzu6m-LCR9SmsWpkedVrwBBsvtax5FN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame E9C8
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?1tipiQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame 3DBC
43 B
363 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 17:36:13 GMT
expires
Fri, 13 Oct 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
228698
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 424E
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C2816F61-3F27-4BD9-A182-4BC52AEB1678&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C2816F61-3F27-4BD9-A182-4BC52AEB1678&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C2816F61-3F27-4BD9-A182-4BC52AEB1678&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.150 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 13 Oct 2023 17:36:14 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
H8FG2NVR537EFP65K2MX

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 13 Oct 2023 17:36:14 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C2816F61-3F27-4BD9-A182-4BC52AEB1678&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
30BNS62N5512ND1H3PW7
Pug
image2.pubmatic.com/AdServer/ Frame 0B9A
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Nar6kjuv-J0uqPDJNarlnmeu_cou_f6TZfnsJI0p
42 B
415 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Nar6kjuv-J0uqPDJNarlnmeu_cou_f6TZfnsJI0p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 17:36:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 13 Oct 2023 17:36:13 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Nar6kjuv-J0uqPDJNarlnmeu_cou_f6TZfnsJI0p
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame E923
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2152010090563711636&gdpr=0&gdpr_consent=
42 B
217 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2152010090563711636&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 17:36:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
78dcb650-b816-4ce0-a6c4-a93f4cff17ec
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 13 Oct 2023 17:36:14 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2152010090563711636&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
80.255.7.105; 80.255.7.105; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame F894
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7289498269495064724&gdpr=0&gdpr_consent=
42 B
220 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7289498269495064724&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 17:36:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Fri, 13 Oct 2023 17:36:14 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7289498269495064724&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 52CF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c6ff1d08-9578-45d0-b385-dc426ad5b3e9&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=24891e47-09fa-4a2c-bafc-adfd2ff4ced2&expires=1&user_group=2&ssp=pubmatic&bsw_param=c6ff1d08-9578-45d0-b385-dc426ad5b3e9&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c6ff1d08-9578-45d0-b385-dc426ad5b3e9&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
246 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c6ff1d08-9578-45d0-b385-dc426ad5b3e9&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 13 Oct 2023 17:36:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 13 Oct 2023 17:36:14 GMT
location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c6ff1d08-9578-45d0-b385-dc426ad5b3e9&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Pug
simage2.pubmatic.com/AdServer/ Frame 2019
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VoJCl8w3UtFGYzoFkblkWFD_B2k&gdpr=0&gdpr_consent=
42 B
300 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VoJCl8w3UtFGYzoFkblkWFD_B2k&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 17:36:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Fri, 13 Oct 2023 17:36:14 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VoJCl8w3UtFGYzoFkblkWFD_B2k&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame B76B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
42 B
185 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 17:36:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
176
Content-Type
text/html; charset=utf-8
Date
Fri, 13 Oct 2023 17:36:14 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Pragma
no-cache
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame AE0D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B
Document
General
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZSmADgAXneS10wAb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Fri, 13 Oct 2023 17:36:14 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230022-FRA
x-timer
S1697218574.179844,VS0,VE92

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Fri, 13 Oct 2023 17:36:14 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZSmADgAXneS10wAb
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230022-FRA
x-timer
S1697218574.039556,VS0,VE99
Pug
image2.pubmatic.com/AdServer/ Frame DBB2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFcUZVN0tVd0FBQUJqVGlTendRZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEqFU7KUwAAABjTiSzwQg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=9043595632750379260&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AAEqFU7KUwAAABjTiSzwQg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D9043595632750379260%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=9043595632750379260&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAEqFU7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEqFU7KUwAAABjTiSzwQg&gdpr=0&gdpr_consent=
42 B
200 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEqFU7KUwAAABjTiSzwQg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 17:36:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Fri, 13 Oct 2023 17:36:14 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEqFU7KUwAAABjTiSzwQg&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame B68E
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
225 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 13 Oct 2023 17:36:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Fri, 13 Oct 2023 17:36:14 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 65F2
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUf0a1abacc1344af98bb3f9b1cbbce485
42 B
278 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUf0a1abacc1344af98bb3f9b1cbbce485
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 17:36:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Fri, 13 Oct 2023 17:36:14 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUf0a1abacc1344af98bb3f9b1cbbce485
pragma
no-cache
server
nginx
bridge
cm.adgrx.com/ Frame 884E
43 B
282 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Fri, 13 Oct 2023 17:36:14 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-2
Pug
image2.pubmatic.com/AdServer/ Frame 07D0
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8926402306414133288
42 B
195 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8926402306414133288
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 17:36:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8926402306414133288
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame F15E
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588526877986703
42 B
424 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588526877986703
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 17:36:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Fri, 13 Oct 2023 17:36:13 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588526877986703
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cm
ipac.ctnsnet.com/int/ Frame 4265
43 B
369 B
Document
General
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Fri, 13 Oct 2023 17:36:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
pubmatic
ad.mrtnsvr.com/sync/ Frame C6B2
0
0

cookiesync
core.iprom.net/ Frame 097E
43 B
277 B
Document
General
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 13 Oct 2023 17:36:14 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-736efdd70cbd@version_1.573
X-core-time
0ms
X-server-arch
v2
Pug
image2.pubmatic.com/AdServer/ Frame 54B7
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%25...
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%25...
  • https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=2c6b38ca2bf48886c4620f57e6ce5064&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYUMnXYMVXMjnWSVR&gdpr=0&gdpr_consent=
42 B
203 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYUMnXYMVXMjnWSVR&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 17:36:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYUMnXYMVXMjnWSVR&gdpr=0&gdpr_consent=
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3363
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=woFvYT8nS9mhgkvFKusWeA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Server
184.30.16.195 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:13 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=41503
accept-ranges
bytes
content-length
5606
expires
Sat, 14 Oct 2023 05:07:56 GMT

Redirect headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 3363
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C2816F61-3F27-4BD9-A182-4BC52AEB1678&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.246.245 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:14 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.8.184
content-length
49
expires
0
cr
cr.frontend.weborama.fr/ Frame 3363
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=385060757
0
45 B
Image
General
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=385060757
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Server
34.111.129.221 -, , ASN (),
Reverse DNS
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:13 GMT
via
1.1 google
last-modified
Fri, 13 Oct 2023 17:36:14 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:13 GMT
via
1.1 google
last-modified
Fri, 13 Oct 2023 17:36:14 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=385060757
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame 3363
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=C2816F61-3F27-4BD9-A182-4BC52AEB1678
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZTdnYUtMYnhVaHpUY3VQdGROQ2RhSk83QQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=6865142194354540222&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
HTTP/1.1
Server
54.147.123.103 -, , ASN (),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 17:36:14 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 13 Oct 2023 17:36:14 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 3363
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzI4MTZGNjEtM0YyNy00QkQ5LUExODItNEJDNTJBRUIxNjc4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Server
198.47.127.205 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 17:36:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3363
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELmKY2gcT27L4ulHDnBp8TY&google_cver=1
42 B
267 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELmKY2gcT27L4ulHDnBp8TY&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Server
198.47.127.205 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 17:36:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELmKY2gcT27L4ulHDnBp8TY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 3363
43 B
609 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 12 Oct 2023 17:36:14 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3363
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6865142194354540222
42 B
341 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6865142194354540222
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Server
185.64.191.210 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 17:36:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6865142194354540222
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 3363
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:13 GMT
server
Kestrel
content-length
70
content-type
image/gif
C2816F61-3F27-4BD9-A182-4BC52AEB1678
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 3363
43 B
426 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/C2816F61-3F27-4BD9-A182-4BC52AEB1678?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:77fc:3cf3:5701:3122 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame 3363
0
125 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C2816F61-3F27-4BD9-A182-4BC52AEB1678&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:14 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 3363
0
187 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 -, , ASN (),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Fri, 13 Oct 2023 17:36:13 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3363
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3388646453142148623&gdpr=0&gdpr_consent=&us_privacy=
1 B
201 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3388646453142148623&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Server
185.64.191.210 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 13 Oct 2023 17:36:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3388646453142148623&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 13 Oct 2023 17:36:14 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 3363
0
104 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C2816F61-3F27-4BD9-A182-4BC52AEB1678&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:14 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3363
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:61dab23d-3d53-41ba-b9bb-b6af31146629&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:61dab23d-3d53-41ba-b9bb-b6af31146629&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Server
185.64.191.210 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 13 Oct 2023 17:36:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:61dab23d-3d53-41ba-b9bb-b6af31146629&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 13 Oct 2023 17:36:14 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
truncated
/ Frame E183
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f9f3b66362e3f3ed7c0fee54cf060420eb300c029143297e30d3855788d3860

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 0D04
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulocAtBITm4lq52F6c6HKC0MNKihZ1fJfD6w3BLwD5-u9qI3zHhFvIcyImo2MDloiLi_X_C6KmTGp9q-EacngZNte5n9qYlL6HJWAkVrIUGIXFSUhq4NkipWTfnOO-Ix0YwrPpUIh2UNzCYhMR1rCcxH25BMN9dQhVxGH0V7C6qBBNlG9Fj8fsB77SD_EnK9HbW1PJDSnCofKMMwJVLSu5XI4XIUIDV8HZnEZAUpEtL8rcwIHWLuI3oxl9GLc7S7RdQqMUnhGMueFE9jKCZhR-8EYT9WPILjexylJZq-4TPX9xWvQ7lF0qjPTAygIa6aRjZ7hWRu-cS6WxDZu5VBXpUh45hyrzsjwsM0En4kV5J-E_r_Fpk78&sai=AMfl-YRxs0y5rdLujiSuAF3l8LjEKpHtqlGeR0PpwQJNrbTJgDzsE57p28ts3hYKViYamMvjNlzSmymkHOaQGC-KfD8nTqhGgf8u_vrDX60TwNgrZOpcAi4Ek-_Tz2vi1w&sig=Cg0ArKJSzLyU5EIOYTt7EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 13 Oct 2023 17:36:13 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0D04
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.deseret.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73cd0f12b081cf0da985dffb903793f46e9c2179fbd7010265db65756c3f4d3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12154
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/ Frame E183
393 KB
133 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.deseret.com&bust=31078772
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a10180a90bb873bf252d5216b6090fd12889a616ebbf79f31344d510461153c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136616
x-xss-protection
0
server
cafe
etag
4935582171553507537
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:13 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 41A9
27 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3190151112419911&correlator=3741603395263307&eid=31078820&output=ldjh&gdfp_req=1&vrg=202310100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x600f_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=7&didk=4289700382&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D73cbd3e445d0b158-22ad1e73d6e7006f%3AT%3D1697218566%3ART%3D1697218569%3AS%3DALNI_MbmmAvVybUAJTPLvS0nsd_wFab16A&gpic=UID%3D00000c9791d8bde3%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_MYcNdJCko0qIgnfIPVSyO_M5mg1Uw&abxe=1&dt=1697218573980&lmt=1697211373&adxs=1050&adys=779&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=3i2g15azdk1q&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&ref=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&top=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&vis=1&psz=300x0&msz=300x250&fws=256&ohw=0&ea=0&psts=AOrYGsm24b8W4U0wJoLc7_l7Pe301v0DZohMT9McMrxdCNk9B7VKxs_BpYaoBV9ERSy_4BkDKXsajQ94uu6TSrHHvm-d4P1-%2CAOrYGslUjC_jeryBF6wf7_4Do8upyQqpZDLzz427lABsJLSEX7msFZ68-3DABN7IOZk1xRYECGzBQP-CKWcTtJDhXbYMx6RT%2CAOrYGslaSoRWKyWbbaYYWzZfTa_j1fqAmtLjFDEjmirmSGPd4R5Gmjukdsezc7d1u6R9n1vsYedphc3We-m6Ille6FAo3N8Q%2CAOrYGslxm9HOO3Z31ZDfL9tGXPa5D8O_rvzF30h1jCozkRsqBv2QLkMb-JTgVqyeOCKBDZ_kzIFrZiwtq25tvdY5RI8yJ3wE%2CAOrYGslt4J2-ottv5-aCLB0nKJuZt3WDMIWVtw_00EMsLXxcsWP6VOXo2pe74XmXAjNV5yXkjsPRwt4m7TOL-wm-f0pXkVy0&ga_vid=1727420462.1697218566&ga_sid=1697218569&ga_hid=1835518903&ga_fc=true&dlt=1697218566916&idt=1281&adks=249918504&frm=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eee452e8ffe1fd3055dabfcc4d6ffa177ce2dc22dffaff52f42bee8150984ef0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:14 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11760
x-xss-protection
0
google-lineitem-id
6101519259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403346166
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
300x250_ak_v3.png
saambaa-static.azureedge.net/sidestage/ Frame 41A9
38 KB
39 KB
Image
General
Full URL
https://saambaa-static.azureedge.net/sidestage/300x250_ak_v3.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD6) /
Resource Hash
b7f5d70a1071fe2f8b9e45d9befbb788d9912d50f7dbc60e5728bdf837a21d08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 13 Oct 2023 17:36:14 GMT
last-modified
Thu, 27 Jan 2022 00:46:57 GMT
server
ECAcc (frc/4CD6)
content-md5
Brxf/5pfZY4zgW2j5iapHg==
age
484576
etag
0x8D9E12E859EF83D
x-cache
HIT
content-type
image/png
x-ms-request-id
892ba95f-501e-007d-6093-f971ca000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
39311
activeview
pagead2.googlesyndication.com/pcs/ Frame 582E
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthzW618YgXTSunK6J32rQXjheICPXDH17coy9jxoCgUV49-Bvv8WmhvrPYLJg-6x6xSXhIwuYHv016ByOOetBdHIipMzG81uQsrHv32kViS37yJw3INes2P0DLC29j&sig=Cg0ArKJSzGhcJgn51FDPEAE&id=lidar2&mcvt=1011&p=778,1050,1028,1350&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20231011&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=100925982&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697218571656&rpt=1314&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0D04
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 13 Oct 2023 17:36:14 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 18F5
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
951
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 17:20:23 GMT
expires
Sat, 12 Oct 2024 17:20:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F245
829 B
560 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a5aefdbc19ae574a75cc9d75db8ae7a5df43df719a1cf1a55c686014c65fb721
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JwB-3Y5ThLBbTW2ZvIn52w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-JwB-3Y5ThLBbTW2ZvIn52w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 17:36:14 GMT
expires
Fri, 13 Oct 2023 17:36:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cookie.js
partner.googleadservices.com/gampad/ Frame E183
12 B
53 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.deseret.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D73cbd3e445d0b158-22ad1e73d6e7006f%3AT%3D1697218566%3ART%3D1697218569%3AS%3DALNI_MbmmAvVybUAJTPLvS0nsd_wFab16A&gpic=UID%3D00000c9791d8bde3%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_MYcNdJCko0qIgnfIPVSyO_M5mg1Uw
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 609D
603 B
67 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=3171325993&pi=t.ma~as.RON_300x250_House&w=300&lmt=1697211374&url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697218573770&bpp=128&bdt=440&idt=345&shv=r20231011&mjsv=m202310100101&ptt=5&saldr=sd&cookie=ID%3D73cbd3e445d0b158-22ad1e73d6e7006f%3AT%3D1697218566%3ART%3D1697218569%3AS%3DALNI_MbmmAvVybUAJTPLvS0nsd_wFab16A&gpic=UID%3D00000c9791d8bde3%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_MYcNdJCko0qIgnfIPVSyO_M5mg1Uw&correlator=1464624138789&frm=23&ife=4&pv=1&ga_vid=1727420462.1697218566&ga_sid=1697218574&ga_hid=1505547067&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=779&biw=1600&bih=1200&isw=300&ish=250&ifk=794634326&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C31078594%2C44805098%2C44805333%2C44805681%2C31078772%2C31078773&oid=2&pvsid=188768659515533&tmod=895744978&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nkt55esxq4wl&fsb=1&dtd=359
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 17:36:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bl-34df212-55348960.js
tagan.adlightning.com/deseretdigital/ Frame 546F
58 KB
25 KB
Script
General
Full URL
https://tagan.adlightning.com/deseretdigital/bl-34df212-55348960.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7612bf30899c897f5dd4739769176e9ee77212be2f6c8c0dd3f91d97ca797197

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 00:22:46 GMT
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-version-id
5i.RvlsKGMbN9HpLe1Gw054ImJsyVWlI
x-amz-cf-pop
FRA60-P4
age
62009
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24640
x-amz-meta-git_commit
34df212
last-modified
Fri, 13 Oct 2023 00:17:10 GMT
server
AmazonS3
etag
"489748cf984112c1ef086729f57451e7"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
JXU_9lIKeyhoXfH98YXFCcwa89wYopDUAmy8btSuVPQzRkrKU5QBbg==
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame 546F
79 KB
30 KB
Script
General
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 05:22:14 GMT
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
994441
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
-BR-qaS-bDr5F7Nez1cbrmkBizmCL4J0YhUUScrPIPq7OXRlDRAHgg==
b-5f40b44-9f6c1b2b.js
tagan.adlightning.com/saambaa-deseret/ Frame 546F
80 KB
30 KB
Script
General
Full URL
https://tagan.adlightning.com/saambaa-deseret/b-5f40b44-9f6c1b2b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6611a010c1c02623f19baee463ab2bd5d3ca94f8a6cd0219b243212fd1751423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 18:10:55 GMT
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-version-id
fP8PuZH8BatVq5HXfIsv4.6uZaG8ahhC
x-amz-cf-pop
FRA60-P4
age
1466719
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30497
x-amz-meta-git_commit
5f40b44
last-modified
Tue, 26 Sep 2023 18:10:17 GMT
server
AmazonS3
etag
"ee93a36c1860a5bf0ba3dd2972e0f548"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
RfrFzI_SgwsI4ITeYgTx1_ybboLKz019Qk6PaL4ubE7is6_sGVDReg==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 546F
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1092934082f3c2723639d10413424bcd14918221aaf1526e2e7e8c1bc1ec96be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9555
x-xss-protection
0
server
cafe
etag
5721733227323630503
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 546F
187 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:14 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F245
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=1811280213203266&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

view
securepubads.g.doubleclick.net/pcs/ Frame 546F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaj3ouwoF2SgXwoDhdAGTMxr4FLGY6s_BghWIRdaUGYpsDJ_zEp0njd_Cj6ms6prKdWrJglwN8_yM2Yjlt9T88_WIOYrjZw-qsfoTIIBLLcHmFGDY8eok-wpkYTtRt4n5ZCkWHv-AWqgQX24A-VMhB7HaYx_2y4HNthOFH2icGHyDlRGBkgKlMpuIqae2_iziIXZdvXfG0kMFZvQ66ofF3zEZsKY41w5_VrGAd1KBDTII9NcplT_8e8u4_nldiK7cdjaM4XvqzPoVW2RhBCUqd1b0ys_TAvdYDCmDIsr-Pfl0N0C94_5saAi8tfByh7G7LHqB63AdCEaGbf5BNWXI&sai=AMfl-YRyksS4ED2G1PhijdQlzjMsMg5galOqH52TTwNPMg7BNCMAGycHWVAlkR34XTOgp5zBCaMTrisYka7gX_wMJVWj0dj96GhL3-XHDGPPa6Matnkiii22satArUGt3A&sig=Cg0ArKJSzLDdhBSAdxqvEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YNRPD2MVFD&gtm=45je3ab0&_p=1262359330&cid=1727420462.1697218566&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=2&sid=1697218566&sct=1&seg=0&dl=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&dt=23andMe%20confirms%20hack%20-%20Deseret%20News&en=10%25%20scroll&ep.content_id=23677136&ep.content_type=article&ep.author_name=Ariel%20Harmer&ep.published_date=2023-10-11%2016%3A55&ep.last_time_updated=2023-10-11%2016%3A55&ep.tags=www.deseret.com%3Awww.deseret.com%3Alatest%3Arapid-relevance-team%3Afront-page%3Au-s-world%3Anews-feed-national&epn.story_word_count=385&ep.hidden_tags=rapid-relevance-team&ep.hour_of_publish=16&ep.hour_of_update=16&ep.site_language=en&ep.page_theme=light&ep.author_id=0000018a-e26f-dca9-ad8a-f77f24630001&ep.acquistion_date=2023-10-13&ep.userid=8fc473d7-5fb8-40f4-8a91-6edb2f8f16e6&ep.site_version=release-2023.09.20&ep.hit_timestamp=1697218473&ep.primary_category=U.S.%20%26%20World&_et=3153
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YNRPD2MVFD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.deseret.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame 18F5
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:02:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
2013
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Oct 2024 17:02:41 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 546F
145 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a68bee99e7354904c9d59ce4c74242524ff4d8e3015f82cf9be2380035768de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51304
x-xss-protection
0
server
cafe
etag
2444569547306681631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:14 GMT
truncated
/ Frame 546F
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c3b57f109ea8217bd5bf45d9cfa425fdf342506f885a92c518ce1494395f11b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 582E
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=1324081584673198&bg=!ammlaSbNAAbFpEfJ5aQ7ADQBe5WfOFk0-vnouC48chOxRkj-OrwRjt6UveC7Y4HqTqKjW-6B6tF4ZI15MBFCS7nuDrROAgAAAb1SAAAAB2gBB5kDNbuQyWZTVAF_1e0BWRSb3dW9uOy3nvd4JOpZkuQ7OMjcuLdehoXdNVJuPFnR_LXOSzR02OPvFQ1bMDJu53eo0EWe8gDnoEsw6HxCxGzujNnyTyyx-gDs3QRC7v-AcDEstcmeEZkyFUxZoLbZLI307gM1gKrhjSJg9jdUVBU2h2SrPm218XuccNpiIUeEJxrClMZsBlA4cMoB-YBLH6wNq8Ems-vp5728mCLtqtUlAm1UN7ND1eqAd9fHyMDFIEBVYVZbjsp_5SOsPD4Ij5F1UIsjoAWGxpfkDUFMj46_T-r4bHLyfa5UqKsXwJKUfTrgtcmKmvVXuLvd3Wp2wu2uZcC_OTyB1TpGl8o47xAhUHI_7OOHX7aDhEMKRR2oQONq32ULx7FcjG4wWlb5Uv31BADbVL0UncyXZbfWs9d3re20dB0KLverjjm7OJVvyZl2Fsic_LObU4YLPP99aOvWjWcxeN24687BM5jBR2eK4YvbIkH_Q6krUznjVZJV0FdfoMsfvUYxLes2y2cYHIRrNnvK-Ik69kjeAkn7OVP2KFsYN3Pd9-QcPGrYqkbvAxLj7oQXclmrRthemGpFl2Tc_yZrRHEOlg9YfT62AU2nOrw4An5_P1drcVuNZLHATTTma9WazUTjT1K_aB_eVdGjIo0ASbFJRLw3zRsCatoqxQXoRMGg-J5m2ZuumWjlcu_aRQesGZ5aU5DoW8g6flduiYPtZwmko-LxNZ9-8T27Yg9TK9j40dwr0rf00H7BRpgw4MgecYuSWLACXjRrBlXa7X9Y-I1fEVrD8T9mr-BdxZjjfJfbwL6LONCfTJt5LaZ7Y3_fepIVwnKjvLLU4JAXl96IJuAHhPUn60U-o6o2FAjYHLdptbO8jlBqKSOdXmSOLgohqTVUuNiDpHqEgRP1hCtutX6ntQZwOddiKldlEAiIH38phA-pYUijXadV3Z2u0xd5Z7g4az6oF8ajroXFVf50jJddEdX3sAFWjJFZec3y2B_JmwrWKxktNAeJ7PuKZ6BRMQHHLttD4sAn23NnS9FHd_k0jTNc8qLuAc932ZX1F4iVZfpquietG7HPL3Ix2Ax9AtD8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

view
securepubads.g.doubleclick.net/pcs/ Frame E183
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdJBPuPbyTJrMplp0paaPvIe_AdiceF0FhiikASmd0NaVE_f4qeC2vusTrUMrCQUtn99QJ5AL-WKLsU7RDmgaezoQM4vO_y65e3BzNCaEqIzEf9epyCOEWjQqHiVs96cp1FfPVZhkUmhF-GhVve5c9ceQ4bsGQRS41o0O5wtn_Y_nvd9Ov4SbXUbD7YKnvtochYHaqLyC2Ij9acvRk7lmlvi8EZEmwMSems_i5LX-4QTrJGHQfupebOQmYb5-fvKX7w3qSZFXROI2yjEkGm4-ZPvUjff-E0rNVzUYc87taFlpDKTqAdSDbyH5yFWDnZAH5fCRpSaAn1HHCuh8hcjpueE1CJ1OonydXQDNpp-1mKwBXiQI1m8g&sai=AMfl-YSiRa7nt8to-Uszok3meGadtVUcKnXTR7bDDGbiY8WYjSDdntZQLolFMV-1pcNBDDDVaGXTvUzKL64KhmekO09J4KvXmOeBiqWYVln2PcW0FLbkilwdbcrZpxboZg&sig=Cg0ArKJSzBcod0Fc1_VOEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 13 Oct 2023 17:36:14 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E183
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.deseret.com&bust=31078772
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2feef277cde54c314e3d0319480b756d5511a8577f10b9efb332ae146dc638e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12091
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 18F5
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?9kQhqQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310040101/ Frame 546F
390 KB
132 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.deseret.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0dbfe796b131ddd6212be53c5d839cdf65bd80e38ffb724ffe0459c442c6dcce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135478
x-xss-protection
0
server
cafe
etag
8489377955258476791
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 17:36:14 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E183
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 13 Oct 2023 17:36:14 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F10B
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
951
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 17:20:23 GMT
expires
Sat, 12 Oct 2024 17:20:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6B6B
829 B
561 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
834ad0e57a858eaa5afc898dc562dee4581bcf085a48fbb6dd2a51bcb4139754
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-76DyMP4zGDv-4Mgx2113SQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-76DyMP4zGDv-4Mgx2113SQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 17:36:14 GMT
expires
Fri, 13 Oct 2023 17:36:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame F10B
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:02:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
2013
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Oct 2024 17:02:41 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0D04
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv37EUQVlyIkaRY_qAwI0xUgQOLjsVYae0JzIJGkbM_mwgiAeYvdSdbfqVbarkBdEUNhmVZV8qi04b0swSAo05PSanPfkinZDZkjjbZmXrXCnpBHLr1kAqHp0_aT8V_&sig=Cg0ArKJSzN174Lu1H2j3EAE&id=lidar2&mcvt=1005&p=778,1050,1028,1350&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20231011&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1528309445&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697218572525&rpt=1322&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 17:36:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6B6B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=188768659515533&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cookie.js
partner.googleadservices.com/gampad/ Frame 546F
12 B
53 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.deseret.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D73cbd3e445d0b158-22ad1e73d6e7006f%3AT%3D1697218566%3ART%3D1697218569%3AS%3DALNI_MbmmAvVybUAJTPLvS0nsd_wFab16A&gpic=UID%3D00000c9791d8bde3%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_MYcNdJCko0qIgnfIPVSyO_M5mg1Uw
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2CF3
603 B
67 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=3171331074&pi=t.ma~as.RON_300x250_House&w=300&lmt=1697211374&url=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697218574519&bpp=175&bdt=369&idt=377&shv=r20231011&mjsv=m202310040101&ptt=5&saldr=sd&cookie=ID%3D73cbd3e445d0b158-22ad1e73d6e7006f%3AT%3D1697218566%3ART%3D1697218569%3AS%3DALNI_MbmmAvVybUAJTPLvS0nsd_wFab16A&gpic=UID%3D00000c9791d8bde3%3AT%3D1697218566%3ART%3D1697218566%3AS%3DALNI_MYcNdJCko0qIgnfIPVSyO_M5mg1Uw&correlator=1464624138789&frm=23&ife=4&pv=1&ga_vid=1727420462.1697218566&ga_sid=1697218575&ga_hid=1231010934&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=779&biw=1600&bih=1200&isw=300&ish=250&ifk=741832354&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077328%2C31078019%2C31078362%2C31078593%2C44795922%2C44804683%2C44805099%2C31078297%2C31078773&oid=2&pvsid=3696380480302931&tmod=1773186293&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8u1y6dp393lh&fsb=1&dtd=395
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.deseret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 17:36:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame F10B
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?Gqn1tQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:36:15 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 0D04
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=1811280213203266&bg=!iYqlisXNAAbFpEfJ5aQ7ADQBe5WfOAdI-O4ms-kbSohtdVFy4VF91W8qCi5CXBTz_B8Td-Vhs0ZCeGr3OJS_2IoeQD3SAgAAAGtSAAAABmgBB5kDL1bt6wXy8E5gF99cbCdIfgVWiyuD_Y6Fgzde2jmWncYoHBF1oYpy21TlETxVKLtZzQc7IDMk9QxSwnMA_mzQsREfrf5vLv00c8KnqDX3BZztPrTPvzJZJudeCkKDuB-vVbE02VSAjHpXGmgdpCy-l0GiLyckcdbRdPiswoXxiAlbqLYxZm69i-OhafTAe-S_Ui1DZUpC1NE4RecaUsMiEDTP_N83uUt7vWH6Wni95yjSNx0gECjgBNnZyv2K8g4NkXBQrirINHtLpSj72EIPvXhyNVG0YaeUTWF5DRv3_GUQu50jYUQh6dfEUbFtuk99tf0oiKF_Hnj6D8Kkm-QfXhSTM9EynA-_OAoks1ZaJunb1wIo33miA1akDYePoFfgVlAOneuDDZqjNjqdu_ZFgaSBk-6TKBlppIQS_-jhP-m-CVsyA4L0OJurXchuotRLj20I1wSIQdFq3bJNN6X7l7qBEVZjjw4sy0Yzz9dQRBV694duMHJevYHi4e1rUVpFPlez8e3KB8xRMZpx1N53PQE7GTQ8-k6-GUYgpsxc_9gheBaUBO1Bp5EyOzAONR4E1Czn3caWa7wcF5-N6U6d_CD-czzQ_wr-OUjtteGYCIOwEPa3P2rRcn11Pse3T6JGdCZRAFQ_SbPaRFaYEfb8oyGn0TN9iAkE-6cXy_wBipoNOKqtyso-cXdFxYMQ2SEo_Z9LcyZ06qrFHcNsST7SSuOas3whWVYoTnGIG7jDS66taK6U_auZaVGscwNd_dNcjVgje9TeFll-HvynvgNvirH6ydArFYWliE5K3epawNKtLfTnANU2A0iFj4TcXg0G59lbQHmcT8fsFVUd5iCXbu-fASZzfpWAYcIPI_oMTTWcgvhN1MNRI893Qgxh9XmmS9EK3zYALbcuN3bjnX-S2bed-lyIg4GeL8-qbg-hO8xoXiCOnNQcBOG6wTPEkZ2g6EIAaF2iUTX-HCQDSNXgRXaDMbPIFyAdEClHTqFqVgwq5MH5EfDQ0vOryBx-e4IDznMZfxwFKhEeEPbAAQwe6c9qEwmcCfDfS8tFskXKEFERV4BOBTWc0n7BHPs0vcXF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.deseret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

auction
prebid-server.rubiconproject.com/openrtb2/
186 B
474 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
31daa47b501fbb5df9f0c8644e2350c3956d7a2aec656d36ccbbd84107fde428

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
474 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c5efad5e6cac88457394676f0c59f2a6e26473481459f21309cc7db19f41c2c2

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
473 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
738c77017ac5c53ac125f52549e3b88ec6432dbe6013e726ffa07df90412f98a

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
184 B
471 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
76ebbe54e2380dde6ef27844af00c3e241ea375d961d58400bef64c07824c6a4

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
473 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
96fb5e12791d4f579397076639f47a3f739ce3c91040017b73c3107c5f67d415

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
473 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a0e6b09a65b90cfa567289635ab13d0bf5c44e30138232435976fdbfcb48d9ba

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
0
0

auction
prebid-server.rubiconproject.com/openrtb2/
186 B
473 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
76b5d84a9893ecc37ce70bef2788c4122e47b4463649dcb6c12489f42abdbc5b

Request headers

Referer
https://www.deseret.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.deseret.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 546F
0
0

sodar
pagead2.googlesyndication.com/getconfig/ Frame 546F
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
prebid-server.rubiconproject.com
URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTMrUuqd6cTTYnQVxzuQ3V_o_N8327AtymHFyN76q8cEcb-63PvTi-qxmT_wi1KQc2jRcMSFCxx5uNi-Wp_ZawsntxIol01pukoTI6TPxNirToGGldGhFCMujEk64gLS_9fTIEQ04NKkpugLvxq5gl7xIkEdPiyezbJe3yQvMty9gbUxiaQtKUN98-mlVXxXqlmC9xQbhDwY3Kw333gK_RCI3qGh-pIc1T3TdFNas6OLoQwjBYQiM6zg8k_hjBgdJZoRt9UhlY9Y6DDTBsRPlBNAOC1JJ63sAnuPcJcfvd12gPkqExnHuUfE1i61T5XZ1n-jgFU2QpmKN-cUt7WcjSrA&sai=AMfl-YQUQs-m7qiJRoAwNWY9vXFtu4w9of58dKCmEpjcsTdZVrWJ8d8qyY2tRzs5W_SmKs2uo2FVlXAiQzcTiRjmhwIXW4lCiHz9kibmThen_mqIN04wEIr5TUnzWwVGUg&sig=Cg0ArKJSzAooqIdLP6jgEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env

245 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| OneTrustStub function| OptanonWrapper function| isAdblockerEnabled function| getCookieValue function| addAdditionalDataLayerData function| getUserAgent function| getCurrentHour function| getPageTheme function| getAcquistionDate function| getUserId object| WebComponents object| head undefined| script function| switchIcon function| fbAsyncInit boolean| htlbidLoaded object| pbjsChunk object| pbjs object| _pbjsGlobals object| htlbid function| HTLBIDLoader object| googletag object| apstag string| isSandboxMode string| sectionName object| pathname string| isHome string| author object| dataLayer object| dfpAdSlotsObject object| dfpAdSlots object| staticAdSlots function| admiral boolean| loadWknd object| wkndSlot object| i18n string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| webpackChunkbrightspot_theme_core function| unfocus object| CqfIOn2 function| CqfIOn3 object| xop object| 1lzbspx7fuo0 object| -ih5hql5dvy8 object| regeneratorRuntime object| google_tag_manager object| google_tag_data object| FB object| ggeac object| google_js_reporting_queue object| OBR string| OB_releaseVer object| OBREvents function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater function| 4dm1r11545242527 object| _qevents function| fbq function| _fbq string| GoogleAnalyticsObject function| ga object| Coral object| T9bDmF function| T9bDmc object| xblacklist object| KO6P0g2 function| KO6P0g3 function| xblocker object| _aps boolean| apstagLOADED undefined| google_measure_js_timing boolean| htlbidStarted number| google_unique_id object| gaGlobal object| Optanon object| OneTrust object| apscustom object| gaplugins object| gaData object| __buffer function| onYouTubeIframeAPIReady function| ttd_dom_ready function| TTDUniversalPixelApi function| quantserve function| __qc object| ezt object| _qoptions function| _typeof object| PARSELY object| InactiveClientList 
string| __mkm_new_fp object| __fp_components object| _paq function| __fp_uuidv4 function| __getUuid function| __sessionStorage function| __localStorage function| __setCookie function| __get__Fp function| __getParameterByName string| __fp_uuid object| MYLIBRARY number| __trk_counter function| invokeTrackVisitor function| __hasPwkKey function| enableTracking function| getQueryStrings function| __fp_callMonApi number| __mkm_local_counter function| __mkm_bindEvent_async function| generateMkmNewFp function| logMessage object| Base64 function| convertArrytoJson function| Fingerprint2 object| mouseflowHeatmap object| _mfq object| mouseflow object| ID5 object| __id5_instances object| turnstile boolean| DFPMessageEnabled number| c2 number| c1 object| webpackChunkvidget string| OB_VIDEO_VERSION object| OB_VIDEO object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| webpackChunk function| OutbrainMP function| avPlayer object| vdz string| @vsrv object| storageAni object| JSON_PIWIK object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| IFrame_Base64 string| mrkt_baseUrl string| __mrkt_qs string| __mrkt_ft string| __mrkt_tfp string| __mrkt_lsof string| __mrkt_lsemail string| __mrkt_f string| __mrkt_isUb string| __mrkt_ipAddress string| _mrkt_trackvisitor string| __mrkt_customVarV4 string| __mrkt_customvarV5 undefined| __mrkt_globlaFpId undefined| __mrkt_setPNGEmailId boolean| ___debug__code undefined| ___donottrack number| __mrkt_maxWaitCallTime number| __mrkt_waitCallTime string| __mrkt_utcCurrentTime function| ShowCurrentTime function| StoreVariablesinSession number| __mrkt_isLocal string| mrkt_lp_submission_uri boolean| is_mrkt_submission_posted object| _mrkt_submission_obj function| Getvalue_mrkt_lp_controls function| mrkt_lp_pushwebflowhandler function| getFp_mrkt_lp_finger_Print object| obj_mrkt_lp function| Bind_mrkt_lp_Save_Event boolean| __mrkt_isPiwikCall string| _fp_temp_token function| getFp_Temp_Token function| 
getCustomVariable function| tempEmailRemoval function| delete_fp_cookie function| trackAnaluticsOfPiwik function| TrackVisitor function| IFrameCall function| readPostMessage function| isValueNullorEmpty function| getEmailId function| getfpCookie function| SetFpCookie function| __mrkt__updateEm function| updateEm function| getEmail function| getMailinQs function| getQueryStringByKey function| getParamValue function| setCookie number| __mkm_unbounceCounter function| PushToUnbounce function| setUbFld function| setwebflowFld function| getQsFromUrl function| GenerateCampaignDigitalId number| __mkm_counter function| PushToWebflow object| ___ifrmsDocs number| ___ifrmReties function| __mkm_processiFrames function| __mkm_bindEvent function| __mkm_unbounceBindEvent function| __logvstemupd function| Set_cl_fp_TempToken function| __fp_send_temptoken function| __getSessionData function| __temptoken_readpostmessage function| sendfingerprinttoIframe boolean| isNewfpgenerated number| setFP function| tempfpcall string| f string| e string| tfp object| data number| srcIndex object| oeryadp3rwg function| webpackJsonpbx5uni724rri function| setImmediate function| clearImmediate object| __vidazooPlayer__ object| vidazoo function| @pizngtdi7qk object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| GoogleGcLKhOms object| google_image_requests

35 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: kdmE0_1FKTY
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: snGdRqzhJ24
.deseret.com/ Name: _gid
Value: GA1.2.501574257.1697218566
.deseret.com/ Name: _gat_UA-25484401-1
Value: 1
.deseret.com/ Name: _ga
Value: GA1.1.1727420462.1697218566
.deseret.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.deseret.com/u-s-world/2023/10/11/23913095/23andme-hack%22%2C%22sref%22:%22%22%2C%22sts%22:1697218566241%2C%22slts%22:0}
.deseret.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=223b8b43-e5d1-4fda-95d3-17de342732bd%22%2C%22session_count%22:1%2C%22last_session_ts%22:1697218566241}
.deseret.com/ Name: __gpi
Value: UID=00000c9791d8bde3:T=1697218566:RT=1697218566:S=ALNI_MYcNdJCko0qIgnfIPVSyO_M5mg1Uw
.deseret.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Fri+Oct+13+2023+19%3A36%3A06+GMT%2B0200+(Central+European+Summer+Time)&version=202306.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A0%2CC0004%3A0
.deseret.com/ Name: _fbp
Value: fb.1.1697218566481.1957303239
.deseret.com/ Name: mf_28b1e958-8657-4d54-a073-14408dcf4628
Value: ||1697218566486||0||||0|0|59.7386
www.deseret.com/ Name: fp_value
Value: afe459fd-b836-477a-a1db-4f62a9d80f60
.quantserve.com/ Name: mc
Value: 65298006-78b65-5d15a-b68ff
.deseret.com/ Name: __qca
Value: P0-548091348-1697218566237
.deseret.com/ Name: _awl
Value: 2.1697218566.5-1e019cf239c70b2ee322f1c6ff734c45-6763652d6575726f70652d7765737431-0
.doubleclick.net/ Name: IDE
Value: AHWqTUmwrgmbGYB02fGuu9Zw_EHTngfPrkdcbpOSvhYe7KpljZb_8U13QA8Rqb0xaLU
www.deseret.com/ Name: _pk_id.499.d800
Value: 898b1c58cc511b67.1697218568.1.1697218568.1697218568.
www.deseret.com/ Name: _pk_ses.499.d800
Value: 1
www.deseret.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.deseret.com/ Name: __gads
Value: ID=73cbd3e445d0b158-22ad1e73d6e7006f:T=1697218566:RT=1697218569:S=ALNI_MbmmAvVybUAJTPLvS0nsd_wFab16A
.deseret.com/ Name: _ga_YNRPD2MVFD
Value: GS1.1.1697218566.1.0.1697218569.0.0.0
.rubiconproject.com/ Name: khaos
Value: LNOW45Q1-17-3XOQ
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrQtzacoDfNuwNb0fGVcfL/XWaA1sYWTLE9gLr7Yht2fScvujE9dvKh99gF7/1Vqqik/zeioVoeCuBxGCOXoSK1K7299Lpi5lu+xUA9sgf/4b7FQD2yB//h
.go.sonobi.com/ Name: __uis
Value: 9bd1696d-b702-41c6-8907-6b63692ce4f9
.go.sonobi.com/ Name: _usd_deseret.com
Value: 282796d2-3362-458f-9417-f43fae56b9d2
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: HAPLB8G
Value: s8626|ZSmAD
.prebid.a-mo.net/ Name: __amc
Value: 5_1697218569_1697218572
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: f4b9578b8abe4bf1
.creativecdn.com/ Name: u
Value: Kk4Q9XzeedD4KnZvw8d5
.creativecdn.com/ Name: ts
Value: 1697218573
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1slymtoZmluZGhham5sYmQCADRlhPMQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1MrMwN7e0MDM3MBbiM9T19MwJNQ7yCwxLrYgEAEFBVMolAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1MrMwN7e0MDM3MBbiM9T19MwJNQ7yCwxLrYgEAEFBVMolAAAA
.ads.pubmatic.com/ Name: KCCH
Value: YES

4 Console Messages

Source Level URL
Text
security warning URL: https://tagan.adlightning.com/deseretdigital/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/deseretdigital/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://p2.gcprivacy.com/v2/rtd?u=https%3A%2F%2Fwww.deseret.com%2Fu-s-world%2F2023%2F10%2F11%2F23913095%2F23andme-hack&
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C2816F61-3F27-4BD9-A182-4BC52AEB1678&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
