www.fox13now.com Open in urlscan Pro
108.157.109.25 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click.oi.com.br/ls/click?upn=5zCDL-2BIpvU4z1elswBBmmTinI5M7jgVe7J8tz5U5f57bXY9Cj4YlOizeuxQkpfcCk-2B7bL-2BOloBfXo...
Effective URL:
https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Submission Tags: falconsandbox
Submission: On September 14 via api (September 14th 2022, 1:19:46 am UTC) from US — Scanned from DE

Summary HTTP 218 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 58 IPs in 8 countries across 42 domains to perform 218 HTTP transactions. The main IP is 108.157.109.25, located in United States and belongs to AMAZON-02, US. The main domain is www.fox13now.com. The Cisco Umbrella rank of the primary domain is 363375.
TLS certificate: Issued by Amazon on August 25th 2022. Valid for: a year.

This is the only time www.fox13now.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.56 167.89.115.56	11377 (SENDGRID) (SENDGRID)
6	108.157.109.25 108.157.109.25	16509 (AMAZON-02) (AMAZON-02)
7	108.138.17.93 108.138.17.93	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:219... 2600:9000:219c:2000:13:a391:88c0:21	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a02:26f0:11a... 2a02:26f0:11a::6867:4841	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700:e6:... 2606:4700:e6::ac40:c412	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2.18.169.82 2.18.169.82	16625 (AKAMAI-AS) (AKAMAI-AS)
1	99.84.88.100 99.84.88.100	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3032::ac43:cb69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:929e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	18.66.23.213 18.66.23.213	16509 (AMAZON-02) (AMAZON-02)
4	2.18.68.23 2.18.68.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.96.145.246 104.96.145.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:11a... 2a02:26f0:11a::6867:4868	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	34.160.158.95 34.160.158.95	15169 (GOOGLE) (GOOGLE)
1	108.138.4.59 108.138.4.59	16509 (AMAZON-02) (AMAZON-02)
1 16	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
2	13.32.121.95 13.32.121.95	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	13.32.121.17 13.32.121.17	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	52.17.99.225 52.17.99.225	16509 (AMAZON-02) (AMAZON-02)
9	2.18.69.170 2.18.69.170	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
2	2a02:fa8:8806... 2a02:fa8:8806:12::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
4	52.211.60.243 52.211.60.243	16509 (AMAZON-02) (AMAZON-02)
2	54.93.145.1 54.93.145.1	16509 (AMAZON-02) (AMAZON-02)
2	52.213.181.231 52.213.181.231	16509 (AMAZON-02) (AMAZON-02)
2	2602:803:c003... 2602:803:c003:200::61	26667 (RUBICONPR...) (RUBICONPROJECT)
2	159.89.246.130 159.89.246.130	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 4	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
5	70.42.32.127 70.42.32.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	199.232.18.132 199.232.18.132	54113 (FASTLY) (FASTLY)
3	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	2600:9000:206... 2600:9000:206e:4e00:10:618e:d880:93a1	16509 (AMAZON-02) (AMAZON-02)
6	3.135.86.205 3.135.86.205	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223e:3400:1a:ba5c:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	2600:1f18:e8a... 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a	14618 (AMAZON-AES) (AMAZON-AES)
13	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	18.195.227.5 18.195.227.5	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3 4	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
3 5	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
218	58

1 167.89.115.56 (Herndon, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x56.outbound-mail.sendgrid.net

click.oi.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.157.109.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-109-25.mad56.r.cloudfront.net

www.fox13now.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 108.138.17.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-93.fra56.r.cloudfront.net

ewscripps.brightspotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:219c:2000:13:a391:88c0:21 (United States)

ASN16509 (AMAZON-02, US)

d3plfjw9uod7ab.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:11a::6867:4841 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e6::ac40:c412 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.169.82 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-169-82.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-100.muc50.r.cloudfront.net

assets.scrippsdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3032::ac43:cb69 (United States)

ASN13335 (CLOUDFLARENET, US)

analyticssystems.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:929e (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.23.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-23-213.vie50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.68.23 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-68-23.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c21lg-d.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.145.246 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::6867:4868 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.158.95 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 95.158.160.34.bc.googleusercontent.com

aswpsdkus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.4.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-59.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 151.101.194.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-95.fra60.r.cloudfront.net

api.ewscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.18.69.170 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-69-170.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:12::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.211.60.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-60-243.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.145.1 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-145-1.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.181.231 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-181-231.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

ewscripps-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.123 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.18.132 (Vienna, Austria)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

lit.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ins.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:4e00:10:618e:d880:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.ewscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.135.86.205 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-135-86-205.us-east-2.compute.amazonaws.com

capi-tier-1-us-east-2.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:3400:1a:ba5c:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

rock.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

flint.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.195.227.5 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-227-5.eu-central-1.compute.amazonaws.com

prebid-a.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.18.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	googlesyndication.com af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 174 pagead2.googlesyndication.com — Cisco Umbrella Rank: 129	310 KB
25	connatix.com 1 redirects cd.connatix.com — Cisco Umbrella Rank: 4881 cds.connatix.com — Cisco Umbrella Rank: 5200 capi.connatix.com — Cisco Umbrella Rank: 5280 lit.connatix.com — Cisco Umbrella Rank: 13199 ins.connatix.com — Cisco Umbrella Rank: 6875 capi-tier-1-us-east-2.connatix.com — Cisco Umbrella Rank: 5506 vid.connatix.com — Cisco Umbrella Rank: 6241 img.connatix.com — Cisco Umbrella Rank: 5932	430 KB
22	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226 stats.g.doubleclick.net — Cisco Umbrella Rank: 188 googleads.g.doubleclick.net — Cisco Umbrella Rank: 73 cm.g.doubleclick.net — Cisco Umbrella Rank: 303 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 373	225 KB
12	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1474 widget-pixels.outbrain.com — Cisco Umbrella Rank: 3337 odb.outbrain.com — Cisco Umbrella Rank: 1813 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5995 mv.outbrain.com — Cisco Umbrella Rank: 2878	140 KB
10	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 4265 log.outbrainimg.com — Cisco Umbrella Rank: 2588 images.outbrainimg.com — Cisco Umbrella Rank: 2497	156 KB
8	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 350	170 KB
7	google.com www.google.com — Cisco Umbrella Rank: 19 adservice.google.com — Cisco Umbrella Rank: 142	2 KB
7	rubiconproject.com ads.rubiconproject.com — Cisco Umbrella Rank: 3332 fastlane.rubiconproject.com — Cisco Umbrella Rank: 694 prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3730	120 KB
7	brightspotcdn.com ewscripps.brightspotcdn.com — Cisco Umbrella Rank: 53919	385 KB
6	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 362	47 KB
6	typekit.net use.typekit.net — Cisco Umbrella Rank: 1044 p.typekit.net — Cisco Umbrella Rank: 1273	69 KB
6	fox13now.com www.fox13now.com — Cisco Umbrella Rank: 363375	340 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 904	4 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	21 KB
5	analyticssystems.net analyticssystems.net — Cisco Umbrella Rank: 18324	2 KB
5	cloudfront.net d3plfjw9uod7ab.cloudfront.net	125 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 234	176 KB
4	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 456	746 KB
4	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 329	4 KB
4	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 2095	3 KB
4	media.net hbx.media.net — Cisco Umbrella Rank: 2510 hblg.media.net — Cisco Umbrella Rank: 2614 c21lg-d.media.net — Cisco Umbrella Rank: 3461	113 KB
3	defybrick.com rock.defybrick.com — Cisco Umbrella Rank: 11003 flint.defybrick.com — Cisco Umbrella Rank: 9866	20 KB
3	yahoo.com c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1492	478 B
3	ewscloud.com api.ewscloud.com — Cisco Umbrella Rank: 75009 static.ewscloud.com — Cisco Umbrella Rank: 99701	8 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1565	131 KB
3	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 730	14 KB
2	openx.net ewscripps-d.openx.net — Cisco Umbrella Rank: 81044	524 B
2	serverbid.com e.serverbid.com — Cisco Umbrella Rank: 4936	592 B
2	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 2750	823 B
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 863	4 KB
2	dotomi.com web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3176	969 B
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 223	2 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 4001 p1.parsely.com — Cisco Umbrella Rank: 3342	24 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 208	88 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 5202	792 B
1	google.se www.google.se — Cisco Umbrella Rank: 16436	501 B
1	aswpsdkus.com aswpsdkus.com — Cisco Umbrella Rank: 7186	42 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 1040	298 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	46 KB
1	scrippsdigital.com assets.scrippsdigital.com — Cisco Umbrella Rank: 69823	4 KB
1	oi.com.br 1 redirects click.oi.com.br	292 B
0	33across.com Failed ssc.33across.com Failed
218	42

	Domain	Requested by
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com tpc.googlesyndication.com d3plfjw9uod7ab.cloudfront.net
11	pagead2.googlesyndication.com	af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
11	securepubads.g.doubleclick.net	www.fox13now.com d3plfjw9uod7ab.cloudfront.net securepubads.g.doubleclick.net www.googletagservices.com
8	images.outbrainimg.com	www.fox13now.com
8	s0.2mdn.net	imasdk.googleapis.com www.fox13now.com s0.2mdn.net af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com
7	ewscripps.brightspotcdn.com	www.fox13now.com
6	img.connatix.com	www.fox13now.com
6	vid.connatix.com	cd.connatix.com www.fox13now.com
6	capi-tier-1-us-east-2.connatix.com	cd.connatix.com
6	www.google.com	www.fox13now.com securepubads.g.doubleclick.net af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com d3plfjw9uod7ab.cloudfront.net
6	c.amazon-adsystem.com	www.fox13now.com c.amazon-adsystem.com
6	www.fox13now.com	www.fox13now.com ewscripps.brightspotcdn.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.fox13now.com
5	analyticssystems.net	www.fox13now.com af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com
5	widgets.outbrain.com	www.fox13now.com d3plfjw9uod7ab.cloudfront.net
5	use.typekit.net	www.fox13now.com use.typekit.net
5	d3plfjw9uod7ab.cloudfront.net	www.fox13now.com securepubads.g.doubleclick.net af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	prebid-a.rubiconproject.com	ads.rubiconproject.com
4	www.googletagservices.com	securepubads.g.doubleclick.net af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com
4	imasdk.googleapis.com	cd.connatix.com imasdk.googleapis.com
4	mcdp-nydc1.outbrain.com	widgets.outbrain.com
4	ib.adnxs.com	1 redirects ads.rubiconproject.com googleads.g.doubleclick.net
4	g2.gumgum.com	ads.rubiconproject.com
3	c2shb.ssp.yahoo.com	ads.rubiconproject.com
3	stats.g.doubleclick.net	www.google-analytics.com
3	cds.connatix.com	www.fox13now.com cd.connatix.com d3plfjw9uod7ab.cloudfront.net
3	use.fontawesome.com	www.fox13now.com use.fontawesome.com
3	cdn.cookielaw.org	www.fox13now.com cdn.cookielaw.org
2	googleads4.g.doubleclick.net	www.fox13now.com
2	googleads.g.doubleclick.net	af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com www.fox13now.com
2	flint.defybrick.com	d3plfjw9uod7ab.cloudfront.net www.fox13now.com
2	af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net d3plfjw9uod7ab.cloudfront.net
2	ewscripps-d.openx.net	ads.rubiconproject.com
2	e.serverbid.com	ads.rubiconproject.com
2	fastlane.rubiconproject.com	ads.rubiconproject.com
2	ads.servenobid.com	ads.rubiconproject.com
2	tlx.3lift.com	ads.rubiconproject.com
2	web.hb.ad.cpe.dotomi.com	ads.rubiconproject.com
2	sb.scorecardresearch.com	www.fox13now.com
2	api.ewscloud.com	ewscripps.brightspotcdn.com
2	connect.facebook.net	www.fox13now.com connect.facebook.net
2	hbx.media.net	d3plfjw9uod7ab.cloudfront.net hbx.media.net
1	c21lg-d.media.net	hbx.media.net
1	adservice.google.com	d3plfjw9uod7ab.cloudfront.net
1	adservice.google.de	d3plfjw9uod7ab.cloudfront.net
1	rock.defybrick.com	d3plfjw9uod7ab.cloudfront.net
1	mv.outbrain.com	d3plfjw9uod7ab.cloudfront.net
1	static.ewscloud.com	www.fox13now.com
1	ins.connatix.com	cd.connatix.com
1	lit.connatix.com	cd.connatix.com
1	odb.outbrain.com	d3plfjw9uod7ab.cloudfront.net
1	capi.connatix.com	cd.connatix.com
1	log.outbrainimg.com	widgets.outbrain.com
1	www.google.se	www.fox13now.com
1	widget-pixels.outbrain.com	www.fox13now.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	hblg.media.net	www.fox13now.com
1	p1.parsely.com	www.fox13now.com
1	cd.connatix.com	1 redirects
1	cdn.parsely.com	www.fox13now.com
1	aswpsdkus.com	d3plfjw9uod7ab.cloudfront.net
1	p.typekit.net	use.typekit.net
1	ads.rubiconproject.com	d3plfjw9uod7ab.cloudfront.net
1	geolocation.onetrust.com	cdn.cookielaw.org
1	www.googletagmanager.com	www.fox13now.com
1	assets.scrippsdigital.com	www.fox13now.com
1	click.oi.com.br	1 redirects
0	ssc.33across.com Failed	ads.rubiconproject.com
218	70

This site contains links to these domains. Also see Links.

Domain
scripps.wd5.myworkdayjobs.com
www.facebook.com
twitter.com
givingpledge.org
x-default-stgec.uplynk.com
www.outbrain.com
goo23.com
stars-and-stories.com
starsflash.de
pro-verbraucher.info
sportpirate.com
shefence-citional.com
support.fox13now.com
publicfiles.fcc.gov
www.instagram.com
scripps.com

Subject Issuer	Validity	Valid
*.scrippsnationalnews.com Amazon	`2022-08-25` - `2023-09-23`	a year	crt.sh
ewscripps.brightspotcdn.com Amazon	`2022-04-30` - `2023-05-29`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.scrippsdigital.com Amazon	`2022-07-09` - `2023-08-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.analyticssystems.net E1	`2022-08-02` - `2022-10-31`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-23` - `2022-09-21`	3 months	crt.sh
aswpsdkus.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-20` - `2023-02-20`	a year	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
*.ewscloud.com Amazon	`2022-09-13` - `2023-10-13`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2021-08-20` - `2022-09-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.se GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-05-31` - `2023-07-02`	a year	crt.sh
*.gumgum.com Amazon	`2022-05-06` - `2023-06-04`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
ads.servenobid.com Amazon	`2022-05-29` - `2023-06-27`	a year	crt.sh
*.consumableaudio.com R3	`2022-07-05` - `2022-10-03`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
rock.defybrick.com Amazon	`2022-05-09` - `2023-06-07`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.defybrick.com ZeroSSL ECC Domain Secure Site CA	`2022-08-17` - `2022-11-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Frame ID: 1D422FF1E43BEE6E9E71C4C7952833F0
Requests: 131 HTTP requests in this frame

Frame: https://cds.connatix.com/p/182145/connatix.playspace.dc.js
Frame ID: 44BA4003A9D39BBDB004F4B211B8E358
Requests: 14 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.530.1_en.html
Frame ID: BE06220DABD0EB1131C53455B88486CA
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.530.1_en.html
Frame ID: BC3F44C685C0351527E9EE09B938DBF4
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.530.1_en.html
Frame ID: 81DE8CA5C7B96755B8930AFC486D180F
Requests: 1 HTTP requests in this frame

Frame: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9CE454E584829BCD853BFADB21214C7B
Requests: 1 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Frame ID: A2D08B032B9FCB61E1A8B460DBB90A20
Requests: 10 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Frame ID: 78A4F6FE8437784972D95B9E0970151E
Requests: 11 HTTP requests in this frame

Frame: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F9D41F9BF61DA0182620AE2B93CBF77C
Requests: 18 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Frame ID: F0510A265E23F8A16170903C9662AFB7
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COm_ExDK3oEBGMro29IBMAE&v=APEucNUlumLnTGb6AS5mObFYbJERB-tWpll734_UJ2YmD65zSCwkvQJ-T-X1qc1wmeIyNZLhQOh3OKE4gUnubaWQkjiIrUxH1v6xaTI8bKpLp1EJ6N4l8lYZcQwy4eZ_-6QA_xQpDuPHTJ3O7dSuTkxdwl7l7MMoWuLXD2wnCw9pFukEowhv33k
Frame ID: 3BF0D7FA9C0DF0FF6E8F40F45A6E3BA8
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2659564807390457485/728x90.html
Frame ID: 9D02760A67E2FCF6AD12D7E135824AFE
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6C225B22C22FAD92A2BC5046346F473E
Requests: 3 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?cid=8CU6Q6626&cs=1&cv=37&hb=1&prvid=23%2C3016%2C239%2C97%2C79%2C3012%2C246%2C80%2C229%2C2030%2C273%2C175%2C2026%2C54%2C201%2C203%2C326%2C2034%2C339%2C75%2C261%2C141%2C226%2C2027%2C117%2C238%2C96%2C126%2C106%2C29%2C3017%2C38%2C102%2C108%2C3018%2C71%2C59%2C3010%2C251%2C178%2C159%2C58%2C3007%2C147&vsSync=1&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Frame ID: 79AA1A5E93E8E70CABFF6C6969989E6E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4C728595F20C1DE9B455A561610CE4CA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 00B4DC2DDF4BE5F9B838503572972ECD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Billionaire Utahn to give away 90% of his wealth

Page URL History Show full URLs

http://click.oi.com.br/ls/click?upn=5zCDL-2BIpvU4z1elswBBmmTinI5M7jgVe7J8tz5U5f57bXY9Cj4YlOizeuxQkp... HTTP 302
https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

218
Requests

94 %
HTTPS

48 %
IPv6

42
Domains

70
Subdomains

58
IPs

8
Countries

3975 kB
Transfer

14161 kB
Size

24
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://scripps.wd5.myworkdayjobs.com/Scripps_Careers
Title: Careers Search

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=765516083862087&display=popup&href=https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth&text=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth
Title: Tweet

Search URL Search Domain Scan URL

URL: https://givingpledge.org/Pledger.aspx?id=430
Title: announced Tuesday

Search URL Search Domain Scan URL

URL: https://givingpledge.org/About.aspx
Title: The Giving Pledge

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/05f/ef205c0e5ea14d77944cbd6904335118/05ff54799f624878bd2161270f49c948/05ff54799f624878bd2161270f49c948_e.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/952/ef205c0e5ea14d77944cbd6904335118/9528bbab6d9749a0963f8f0c8b4543b1/9528bbab6d9749a0963f8f0c8b4543b1_e.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/7ec/ef205c0e5ea14d77944cbd6904335118/7ecd769f48e54783bcae14c35f1c75e7/7ecd769f48e54783bcae14c35f1c75e7_e.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/bdf/ef205c0e5ea14d77944cbd6904335118/bdf3eb33a7484f38bc4e6ba813a4af9a/bdf3eb33a7484f38bc4e6ba813a4af9a_e.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/fa5/ef205c0e5ea14d77944cbd6904335118/fa522e409cb448af82b4f21659c522ad/fa522e409cb448af82b4f21659c522ad_e.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/b72/ef205c0e5ea14d77944cbd6904335118/b7271ffc4eba44328cfec9db4bc4a99c/b7271ffc4eba44328cfec9db4bc4a99c_e.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://givingpledge.org/Home.aspx
Title: Hundreds of other billionaires

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en

Search URL Search Domain Scan URL

URL: https://goo23.com/click.php?key=wffwwc9ijqda9hsgra7z&ob_click_id=$ob_click_id$&trafficsource=00027a84b738b9c0368d4d764f0aa90911&clickcost=$cpc$&ad_title=Urologen-verraten%3A+Der+einfachste+Weg+die+echte+blaue+Pille+zu+kaufen+&trafficsource_name=$section_name$&siteid=$section_id$&campaign_name=ED_AMS_DE_Desktop_Young_CPA_07_07_22&obOrigUrl=true
Title: Urologen-verraten: Der einfachste Weg die echte blaue Pille zu kaufen (Morgen geliefert). Paid Content: Apomeds.com

Search URL Search Domain Scan URL

URL: https://stars-and-stories.com/beitrag-11?obOrigUrl=true
Title: Ausgezeichnet: Verona Pooths Creme für 55% weniger Falten Paid Content: stars-and-stories.com

Search URL Search Domain Scan URL

URL: https://starsflash.de/fast-immer-ausverkauft-ganz-deutschland-jagt-veronas-testsieger-creme/?obOrigUrl=true
Title: Verona Pooth: Ihre Hautpflege ist der Testsieger 2022 Paid Content: stars-and-stories.com

Search URL Search Domain Scan URL

URL: https://pro-verbraucher.info/zez-l2t-b-ob/?ob_clickid=$ob_click_id$&utm_source=outbrain&utm_medium=display&utm_campaign=00d535cce983e77e237a729794620ac138&utm_term=$publisher_name$_$section_name$&utm_content=Krankenkassen+verheimlichen%3A+Kostenloser+Zahnersatz+mit+diesem+Trick&obOrigUrl=true
Title: Krankenkassen verheimlichen: Kostenloser Zahnersatz mit diesem Trick Paid Content: Pro Verbraucher

Search URL Search Domain Scan URL

URL: https://sportpirate.com/trending/grose-liebe-und-reichtum-manche-promis-haben-beides-ob-annalenabaerboc?utm_source=outbrain&utm_campaign=00a6e2deda7e0977e299392997490d8578&utm_medium=$section_name$__$section_id$&utm_term=%5BFotos%5D+Wir+k%C3%B6nnen+nicht+glauben%2C+wer+der+Ehemann+von+Annalena+Baerboc&ts=$time_stamp$&tbv=$cpc$&pcl=1&obOrigUrl=true
Title: [Fotos] Wir können nicht glauben, wer der Ehemann von Annalena Baerbock ist Paid Content: Sport Pirate

Search URL Search Domain Scan URL

URL: https://shefence-citional.com/c351a234-e6d9-4bf6-800c-f99fb09a6b14?utm_source=ob&utm_campaign=de_desktopWindows_2106&utm_term=$section_name$&utm_content=0018187642cee401f3f1202c002e586348-Arzt+verr%C3%A4t%3A+Ein+simpler+Tipp+bei+Prostataproblemen&t=$ob_click_id$&a=ob&obOrigUrl=true
Title: Arzt verrät: Ein simpler Tipp bei Prostataproblemen Paid Content: Prostata Gesundheit

Search URL Search Domain Scan URL

URL: https://shefence-citional.com/05b647a3-ac78-48c2-9dbb-31cddb69ab67?utm_source=ob&utm_campaign=de_desksemi_june&utm_term=$section_name$&utm_content=00d1290b92733e9c7a0a036629603170e5-Deutscher+Doktor%3A+Dieser+einfache+Tipp+entleert+Ihren+Darm+jeden+Morge&t=$ob_click_id$&a=ob&obOrigUrl=true
Title: Deutscher Doktor: Dieser einfache Tipp entleert Ihren Darm jeden Morgen (fast sofort) Paid Content: Nutravya

Search URL Search Domain Scan URL

URL: https://support.fox13now.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/KSTU
Title: FCC Public Files

Search URL Search Domain Scan URL

URL: https://scripps.wd5.myworkdayjobs.com/Scripps_Careers/3/refreshFacet/318c8bb6f553100021d223d9780d30be
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fox13newsutah
Title: fox13newsutah

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fox13now/
Title: fox13now

Search URL Search Domain Scan URL

URL: https://twitter.com/fox13
Title: fox13

Search URL Search Domain Scan URL

URL: https://scripps.com/our-brands/local-media/
Title: Scripps Local Media

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.oi.com.br/ls/click?upn=5zCDL-2BIpvU4z1elswBBmmTinI5M7jgVe7J8tz5U5f57bXY9Cj4YlOizeuxQkpfcCk-2B7bL-2BOloBfXo1MxwMWa8iId5itQTFAUwr5UtydgB7pjm8hKRtG6aNEUBq9OSdvT8qp0iIzkXGjCFF-2FlazIeoA-3D-3DeI6q_LWlKycWVb2IrizlGw-2BKt9buqWIanuzfZqnxU24E6bx-2BbvtnG3a0qcb4Uhg6LAmFDHodJeaQy94yhEqrFDKI0OjoRB-2BXWKakmDbHGNECqoeq7kqF5xcHRY6BdUc-2FQg6iFynB-2F2LUvACzpFDmTIaFi7G5rla6PWJDEavG83dl2OgjqMWpRDFnYeXHu48oSY10EimaMbKgd4QGpT-2Fvo3nEtmHEi3yzXhYs6O3j9QIR4HfQ-3D HTTP 302
https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/182145/connatix.playspace.dc.js

Request Chain 187

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJrY8g0CUJOkelGYnzxmOeU&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJrY8g0CUJOkelGYnzxmOeU&google_cver=1&C=1

Request Chain 188

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyEsLVTIlMME56D.BkLj4gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJrY8g0CUJOkelGYnzxmOeU&google_cver=1&google_hm=2

Request Chain 189

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEN4niFDDj85Ot9eVyhu1WYA&google_cver=1

Request Chain 190

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk2NjA2MjE0MDY4NTU3OTczOA%3D%3D

218 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request billionaire-utahn-to-give-away-90-of-his-wealth Show response
www.fox13now.com/news/local-news/
Redirect Chain

http://click.oi.com.br/ls/click?upn=5zCDL-2BIpvU4z1elswBBmmTinI5M7jgVe7J8tz5U5f57bXY9Cj4YlOizeuxQkpfcCk-2B7bL-2BOloBfXo1MxwMWa8iId5itQTFAUwr5UtydgB7pjm8hKRtG6aNEUBq9OSdvT8qp0iIzkXGjCFF-2FlazIeoA-3D...
https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

245 KB
66 KB

488ms
270ms

Document
text/html

108.157.109.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.157.109.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-109-25.mad56.r.cloudfront.net

Software

N/A / Brightspot

Resource Hash

9b7a643c8d4582eb24fbd451781753492eee58ec0744d910405f2969ff615d90

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://cms.scrippsdigital.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=240
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' https://cms.scrippsdigital.com
Content-Type: text/html;charset=UTF-8
Date: Wed, 14 Sep 2022 01:19:37 GMT
Server: N/A
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 57afd7c325699412aa6569e0643f5f88.cloudfront.net (CloudFront)
X-Amz-Cf-Id: gbjaYKGmhDbMUa0ZciZSZMJ5teDXP9O_VpjtrCYTaShTO3wPM-Fo8A==
X-Amz-Cf-Pop: MAD56-P2
X-Cache: Miss from cloudfront
X-Content-Type-Options: nosniff
X-Powered-By: Brightspot

Redirect headers

Connection: keep-alive
Content-Length: 111
Content-Type: text/html; charset=utf-8
Date: Wed, 14 Sep 2022 01:19:37 GMT
Location: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK All.min.ffc8245c381682eae6916009c0a00eb0.gz.css
ewscripps.brightspotcdn.com/resource/00000183-23d6-dc33-a1b7-6bde09fc0000/styleguide/ 114 KB
21 KB 130ms
23ms Stylesheet
text/css 108.138.17.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps.brightspotcdn.com/resource/00000183-23d6-dc33-a1b7-6bde09fc0000/styleguide/All.min.ffc8245c381682eae6916009c0a00eb0.gz.css
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-93.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 477f878f435164c164971a4c3fb7d039e4a371ba0751657aec98bfee723c14dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Fri, 09 Sep 2022 19:59:38 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 19:59:36 GMT
Server: AmazonS3
Age: 364801
ETag: "821ffa6786a1aa9bf19ce5d6ccd93b75"
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA56-P7
Accept-Ranges: bytes
Content-Length: 21258
X-Amz-Cf-Id: WWNBC0gygYGPtWZoqDhSi0qDtExhzYJkw1gdESZeRJ0q1xoAHNI2rg==

GET
H2 200 6d6d25e3-5be4-444b-82ae-a8f0bb892234.js Show response
d3plfjw9uod7ab.cloudfront.net/ 113 KB
28 KB 124ms
33ms Script
application/javascript 2600:9000:219c:2000:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:2000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2fc67e51612a060864bf2a051671e69044ca49d27660a5e4d5e0ad88d50f38d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: zimuvjLADBbICE2gCbWvBBHN3UOCRCFx
content-encoding: br
last-modified: Thu, 14 Jul 2022 18:53:52 GMT
server: AmazonS3
age: 2792
etag: W/"f675de6c139417f02f02cf2b125b187a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f46632dd252c85fed57bcf18d61d8544.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
date: Wed, 14 Sep 2022 00:35:28 GMT
x-amz-cf-pop: CDG3-C2
x-amz-cf-id: C7Esz1eZYwM0EUFes3Jpr58W9yzy9bSJTDMsaG1IJXeCARKS1M-JRQ==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
8 KB 74ms
27ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 14 Sep 2022 01:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 7BKk7WQU1Z9EDMZmf1T6Vg==
age: 12599
vary: Accept-Encoding
content-length: 7151
x-ms-lease-status: unlocked
last-modified: Tue, 13 Sep 2022 02:22:01 GMT
server: cloudflare
etag: 0x8DA952EBE223BDD
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 342e07ca-b01e-006d-761e-c772c8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 74a54ba70c786937-FRA

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 75ms
28ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 14 Sep 2022 01:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ERttG9+iQk1LCPjR495NRw==
age: 12590
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Tue, 22 Feb 2022 22:01:18 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5c711e05-101e-016f-5f44-283667000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 74a54ba70c796937-FRA

GET
H2 200 tsu4adm.css
use.typekit.net/ 21 KB
2 KB 173ms
43ms Stylesheet
text/css 2a02:26f0:11a::6867:4841
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/tsu4adm.css

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

44184c16fd72e51859e402906cfc8eb5cc13161916b42cf46e416bc9e3fe9850

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Wed, 14 Sep 2022 01:19:38 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1740

GET
H2 200 all.css
use.fontawesome.com/releases/v5.1.0/css/ 45 KB
10 KB 73ms
27ms Stylesheet
text/css 2606:4700:e6::ac40:c412
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c412 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Referer: https://www.fox13now.com/
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:38 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1790554
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: WMJ919QTY78758FH
x-amz-id-2: YaVJGPBqeFWloo4drKleDUzyIdN0naKKSCvgr178G/L89GdaXrTUAVnt0IuG0F4OwK2u6PwxjYQ=
last-modified: Wed, 30 Jun 2021 15:30:31 GMT
server: cloudflare
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2%2FTvT5ar3ZqRU6igzpXnI6hqkWElMVwjmbaS0zbpoAXX36tspd9abEgLKXy0aj1s%2Fswma4pnauY4SBwqmp23qNEmxtIEAtXOAS44O1IN0O3PXpPIun0qCa2nikUZV7hbwSi41Kt0IxNnXFVqFjI6UE%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 74a54ba70d88bb71-FRA

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/eead90a/2147483647/strip/true/crop/600x274+0+0/resize/400x183!/quality/90/ 23 KB
24 KB 24ms
23ms Image
image/png 108.138.17.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/eead90a/2147483647/strip/true/crop/600x274+0+0/resize/400x183!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F00%2F9e%2F66505c3f463b98e45a6637d3fcea%2Fkstu-main-logo.png
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-93.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: d46651a0642c39afc570af89ad0b4373250d4002c05e92282aab4b289c4771d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sun, 26 Jun 2022 02:17:32 GMT
Via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 6908526
ETag: 5530a8138966797a635819cda27dfa7c
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P7
X-Robots-Tag: nofollow
Content-Length: 23926
X-Amz-Cf-Id: LNpTgdtWzf-sOddgXhiB9fp4xhYfRFQ5Wb71kpQmQfwvmMBjqEUbSg==
Expires: Mon, 26 Jun 2023 02:17:32 GMT

GET
H/1.1 200
OK Blank.gif
www.fox13now.com/styleguide/assets/ 57 B
460 B 50ms
50ms Image
image/gif 108.157.109.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fox13now.com/styleguide/assets/Blank.gif
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.109.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-109-25.mad56.r.cloudfront.net
Software: N/A /
Resource Hash: e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sun, 29 May 2022 05:31:31 GMT
Via: 1.1 57afd7c325699412aa6569e0643f5f88.cloudfront.net (CloudFront)
Connection: keep-alive
Server: N/A
Age: 9316086
X-Cache: Hit from cloudfront
Content-Type: image/gif;charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: MAD56-P2
Content-Length: 57
X-Amz-Cf-Id: gxy6HKHj4FGc2yc8IOk2r0GYLEkyE_NA9TTORXL0Fqb8ECpMOFw47Q==

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/43aedef/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/format/webp/quality/90/ 81 KB
82 KB 25ms
25ms Image
image/webp 108.138.17.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/43aedef/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F4e%2F44%2F8b76c25f473093b130f7f52df25a%2Fjeff-t.%20Green.jpg
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-93.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 3ad36bb49239b3d32df10dc97841cb24dd28a8bca96ee95a57f4972d9b607976

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 10:54:54 GMT
Via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 656684
ETag: 8f84e9a0fd2eafda378223eeca331a51
X-Cache: Hit from cloudfront
Content-Type: image/webp
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P7
X-Robots-Tag: nofollow
Content-Length: 83212
X-Amz-Cf-Id: 477a6OTSifownVzQqC_JwFZjtDWZReqpmrdFWDtBNNu_SPv-OaRQEw==
Expires: Wed, 06 Sep 2023 10:54:54 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/cabd33d/2147483647/strip/true/crop/720x720+280+0/resize/300x300!/quality/90/ 16 KB
17 KB 22ms
21ms Image
image/jpeg 108.138.17.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/cabd33d/2147483647/strip/true/crop/720x720+280+0/resize/300x300!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Ff9%2Fc8%2Fbe6d1e8f4eb2a9ab227d4653983e%2Fjeff-tavss-headshot.jpg
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-93.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: a78eee44a33280cae70b7fade38a0ea36d2d3c34252c8fffe9e5d91aaf463a0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 00:23:10 GMT
Via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 18233788
ETag: 432c028acf64b6afb081594ce3fc408d
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P7
X-Robots-Tag: nofollow
Content-Length: 16702
X-Amz-Cf-Id: fyQBWUDKvtwFmW56i1mBaDUJ8ZcnWW-vv6iBZqwraTVNtytn8L58Xw==
Expires: Wed, 15 Feb 2023 00:23:10 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 209 KB
73 KB 301ms
44ms Script
application/x-javascript 2.18.169.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.169.82 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-169-82.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: be2ab0d77c35977fb5fea026c9ceadfabd67f875d66472e7be6c9a1b5adc70c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:38 GMT
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 13:16:23 GMT
etag: "16-B5sMp6KhhqaxmBVKgWjV5sRd16A"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 27e09eb25fc502bde2468fde5395f114
timing-allow-origin: *, *
content-length: 73838

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/f6058f7/2147483647/strip/true/crop/480x360+0+0/resize/480x360!/format/webp/quality/90/ 14 KB
15 KB 22ms
21ms Image
image/webp 108.138.17.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/f6058f7/2147483647/strip/true/crop/480x360+0+0/resize/480x360!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F0b%2F0c%2F0184c2f44e4783b067c6ee93fcc0%2Ffox13webad.jpg
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-93.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 7e03ea05c599640f6d1a683302bec77bcd06d63d0a41c3df4867637835876dd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 05:37:37 GMT
Via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 1626121
ETag: fb0cc7192b8850a1be784ebef7161f2e
X-Cache: Hit from cloudfront
Content-Type: image/webp
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P7
X-Robots-Tag: nofollow
Content-Length: 14718
X-Amz-Cf-Id: vZWV7uJqq5ic939PxASjKWnUZgZ76SXW2cegfXvzJPLzkWHOmJ0AEg==
Expires: Sat, 26 Aug 2023 05:37:37 GMT

GET
H/1.1 200
OK logo-scripps.png
assets.scrippsdigital.com/cms/images/ 3 KB
4 KB 135ms
27ms Image
image/png 99.84.88.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.scrippsdigital.com/cms/images/logo-scripps.png
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-100.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: 8lNexGmb6tKD4SPVOeXslwnzBtFWYJoV
Via: 1.1 086da553b96e728b869925910597a098.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Oct 2017 14:04:11 GMT
Server: AmazonS3
Age: 86133
ETag: "f46791d665054bf21da09492d448e1d2"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Date: Tue, 13 Sep 2022 03:34:48 GMT
x-amz-replication-status: COMPLETED
X-Amz-Cf-Pop: MUC50-C1
Accept-Ranges: bytes
Content-Length: 3532
X-Amz-Cf-Id: O-Wt-TBUi1JFla6TRYLm6YcFptYpSKX7Drl6lirlc2_iU_KdRQRG_g==

GET
H/1.1 200
OK All.min.98f7e04db9261218914a3632fb242b77.gz.js Show response
ewscripps.brightspotcdn.com/resource/00000183-23d6-dc33-a1b7-6bde09fc0000/styleguide/ 436 KB
102 KB 42ms
22ms Script
text/javascript 108.138.17.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps.brightspotcdn.com/resource/00000183-23d6-dc33-a1b7-6bde09fc0000/styleguide/All.min.98f7e04db9261218914a3632fb242b77.gz.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-93.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b79af45ca71f020c71f1cfb2c90527472ee0c22c9d67fb9705abd2eb2e9a8c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Fri, 09 Sep 2022 19:59:38 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 19:59:36 GMT
Server: AmazonS3
Age: 364801
ETag: "c96e0b1fd08705cba29f6e5d252c7b25"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA56-P7
Accept-Ranges: bytes
Content-Length: 103926
X-Amz-Cf-Id: GIvIuAsFlbYOo2XZv7d3Gg49yVms_4qYQh725sLaL_se-mdonayBPA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
46 KB 94ms
40ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5QBX3CF

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a602655d7316f7aead12712c8dd59eb51c9de4b632621af2ab7f65419206b25a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46860
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 00:00:52 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Sep 2022 01:19:38 GMT

GET
H2 202 6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/client/impression/ 0
546 B 201ms
139ms Image
text/plain 2606:4700:3032::ac43:cb69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/client/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=564219
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNRRVDGeobQ5gONtQxfEJOgv7MR7c9qlopJ57%2B5NWahHnG4s1Gn2Fe3qHgCCeGfjECU%2BNXOgH83t9A5zCtz3lX8jntZCzS5cqvT9ivEZv21OU0YfupfMK1Ksxf%2Bs%2FDdYJw%2BJwUts8Q0cDe%2FkdTgXKmSy3g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 74a54ba978229b64-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: FxSVWoyujq64tQMBYvXx

GET
H2 404 000000.json Show response
cdn.cookielaw.org/consent/000000/ 215 B
576 B 91ms
51ms XHR
application/xml 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/000000/000000.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a80c0bdc9443b9380d96d066ea3fc97f2b84d5c83f52e4cb21c5501f8eff4ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: 5c8d9e0e-e01e-0158-62d7-c79ac8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 74a54ba7fa67918c-FRA
expires: Wed, 14 Sep 2022 05:19:38 GMT

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 162 B
298 B 89ms
40ms Script
text/javascript 2606:4700:4400::ac40:929e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 74a54ba96b9d9007-FRA
date: Wed, 14 Sep 2022 01:19:38 GMT
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 166 KB
43 KB 154ms
51ms Script
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 14 Sep 2022 00:31:01 GMT
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront), 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Sep 2022 20:50:54 GMT
server: AmazonS3
age: 2918
etag: W/"d9d3c87337955401df6a2e4474e61700"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, VIE50-P1
content-encoding: gzip
x-amz-cf-id: t4YO_BTWeDUqtwoUxe1Za-0uNb0n01OlOF1xNHYN7EusQPonn_mHjg==

GET
H2 200 bidexchange.js Show response
hbx.media.net/ 445 KB
103 KB 153ms
68ms Script
text/javascript 2.18.68.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/bidexchange.js?cid=8CU6Q6626&version=5.1&dn=www.fox13now.com

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.68.23 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-68-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7f8968984da64ccf02c29cba72ba7040e5887b01aeb26cfb13b92a62d582184b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
content-encoding: gzip
server: Apache
date: Wed, 14 Sep 2022 01:19:38 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
timing-allow-origin: *
expires: Wed, 14 Sep 2022 01:49:38 GMT

GET
H2 200 5776_Scripps_Local_Stations.js Show response
ads.rubiconproject.com/prebid/ 602 KB
117 KB 250ms
32ms Script
text/javascript 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4197601187199c9d3454149d70c03c3e5bfe8451f247b362329a743f3ec2f680

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:38 GMT
content-encoding: gzip
last-modified: Wed, 07 Sep 2022 23:23:15 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
content-length: 118871
expires: Wed, 14 Sep 2022 01:19:38 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
195 B 199ms
32ms Stylesheet
text/css 2a02:26f0:11a::6867:4868
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=tsu4adm&ht=tk&f=137.138.139.140.169.170.171.172.175.176.141.142.143.144.147.148.151.152.153.154.155.156.157.160.161.162.165.166.167.168&a=15199297&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4868 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 14 Sep 2022 01:19:38 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 79ms
22ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ac4601e35b202be3224690ef2fdb05de146e3dafdedb7544f4d028702af14ba9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: yMJXXW7gDc9N3cDs6pmNqg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: IrQZwz1FclSFhq19irkiCVl5V5AhiqUClitoara43fs5Tqdagd4gbJXdLHgspoKg3BGCatSIjrVCK42hR4J0aA==
x-fb-trip-id: 686109401
x-fb-content-md5: cf7526e912c9bc5c422f3e359f726073
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Sep 2022 01:19:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "446f1945449df77f3f5bf05c83ac2cb6"
timing-allow-origin: *
expires: Wed, 14 Sep 2022 01:24:24 GMT

GET
H2 200 ua-sdk.min.js Show response
aswpsdkus.com/notify/v1/ 227 KB
42 KB 121ms
21ms Script
application/javascript 34.160.158.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://aswpsdkus.com/notify/v1/ua-sdk.min.js
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.158.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 95.158.160.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 60d86669bd9ed9711c63f3ae3da3922facc9e47fb76416895727cad3d879f71c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:17:19 GMT
content-encoding: gzip
age: 139
x-guploader-uploadid: ADPycdtdWbrlnN2V5ey8xCv9u0BjHLELUP3GD2UGUDpZEO_9yJYPQC2aziOgqDSH2OpNLSA-3NoujAoJhyMhfKS-ExSnYQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42547
last-modified: Mon, 29 Aug 2022 17:57:04 GMT
server: UploadServer
etag: "b2a97340af12eabf1f156f096783b4ba"
x-goog-hash: crc32c=a8SXJw==, md5=sqlzQK8S6r8fFW8JZ4O0ug==
x-goog-generation: 1661795824566829
cache-control: public,max-age=300,no-transform
x-goog-stored-content-length: 42547
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 14 Sep 2022 01:22:19 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 58 KB
59 KB 27ms
25ms Font
font/woff2 2606:4700:e6::ac40:c412
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c412 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:38 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20024092
cf-ray: 74a54ba93fecbb71-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59572
x-amz-id-2: 2QlaGPMq/gvDCKcJFw44FiSlS/4P+q/GGuM4XjDC9R8VFdD3t5qX3nsOPJYWC4vFYDbhconZP1I=
last-modified: Wed, 30 Jun 2021 15:30:49 GMT
server: cloudflare
etag: "18d2347ab2a9f40ca2247cdb03303d84"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YnHd4RVCNEdiF%2F8MoiaM7tVDlFRRe2M3%2FWJjcRkHW1IyX2XbHMjk16GyrrpswXFT8e%2FTNfKcH8ZG8L8%2F8oB5Dqzd%2Fn0f21sRz7owt8w5gErtBq3Pt9uTYbtlzMS4q4EAc9eIWI%2BKe3HOX%2Fr9YB1xD3aY"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 2ZZC70Y57CQQS9TV
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 l
use.typekit.net/af/8738d8/00000000000000007735e611/30/ 16 KB
17 KB 126ms
32ms Font
application/font-woff2 2a02:26f0:11a::6867:4841
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8738d8/00000000000000007735e611/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5d8f24de649d274c051960845b51a0407362d6b4c80de23985e648d3378708f5

Request headers

Referer: https://use.typekit.net/tsu4adm.css
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:38 GMT
server: nginx
etag: "a5565f97e4389f39e94f7880b2c8088023e4d88a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16880

GET
H2 200 l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 16 KB
16 KB 128ms
34ms Font
application/font-woff2 2a02:26f0:11a::6867:4841
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b4096925f34c85d0c0e934ad77c44165dcd66fecc354c153784d246f00911da5

Request headers

Referer: https://use.typekit.net/tsu4adm.css
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:38 GMT
server: nginx
etag: "ef52ad3657e4d4a42c21db6c00d5c7ccc649bc94"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16560

GET
H2 200 p.js Show response
cdn.parsely.com/keys/fox13now.com/ 66 KB
23 KB 99ms
24ms Script
application/javascript 108.138.4.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/fox13now.com/p.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-59.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 1e07e272734d4232d604835b00dfb9847c36a95e2fb6a01458590618e2bbcc77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: public
date: Tue, 13 Sep 2022 04:07:20 GMT
content-encoding: gzip
last-modified: Mon, 22 Feb 2021 19:24:27 GMT
server: nginx
age: 76337
etag: W/"603404eb-10711"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: yWf4fDMwIz32PzecUPB47RqXvVEHjBPXbwc1WeUH57s4mm4kR0q5mg==
expires: Wed, 14 Sep 2022 04:07:20 GMT

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 62 KB
62 KB 25ms
25ms Font
font/woff2 2606:4700:e6::ac40:c412
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c412 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1

Request headers

Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:38 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20024092
cf-ray: 74a54ba9880fbb71-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63376
x-amz-id-2: sn55wVZ5XKo9MoKw2xRz6cMDSt9u6xMYOXbOSQp6RmNNNAGR1imkuzBRzRvlK82utnOJIkbmMIM=
last-modified: Wed, 30 Jun 2021 15:30:49 GMT
server: cloudflare
etag: "f319eac1c755f9929fd856720ce1695e"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9PwurxgwoqQJOJz9uXnDrC20vIv3UsNHrzEOEQfb%2Fwz9QrNS%2BSyB77mEO9TEewwuD9Z%2FFmc1R7Ren6CIl4FyiAqhq8G8m8eicY%2F6iPEtYVkSIwa4ldvXVHPBjkXr1Hpguc5tzjWmY7qKerYlKuOE1lGK"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 2ZZ02T7XJDWYN6Q2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 l
use.typekit.net/af/3322cc/00000000000000007735e616/30/ 17 KB
17 KB 78ms
37ms Font
application/font-woff2 2a02:26f0:11a::6867:4841
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3322cc/00000000000000007735e616/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: fdcb74f626ef8f1059c0e3bd503017b8fdda4a54afcc26a4da734f5fd5c7a87a

Request headers

Referer: https://use.typekit.net/tsu4adm.css
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:38 GMT
server: nginx
etag: "71f986ad2b4d0b6a0e5a056380e0c8c577137ae8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17212

GET
H2 200 l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 16 KB
17 KB 80ms
39ms Font
application/font-woff2 2a02:26f0:11a::6867:4841
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e

Request headers

Referer: https://use.typekit.net/tsu4adm.css
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:38 GMT
server: nginx
etag: "96c7595dad6bb306bf9cc4c7a3b3d28654c7d636"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16832

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/182145/ Frame 44BA
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/182145/connatix.playspace.dc.js

996 KB
226 KB

53ms
20ms

Script
application/javascript

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/182145/connatix.playspace.dc.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 898de16d09f9c24bcdf8da8b28d1440f260919a5f59d47350299729ede22a384

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:38 GMT
content-encoding: br
last-modified: Tue, 13 Sep 2022 10:34:11 GMT
age: 51867
etag: "c6ba9715c641059c39d80fff17593243"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 231557

Redirect headers

location: https://cds.connatix.com/p/182145/connatix.playspace.dc.js
date: Wed, 14 Sep 2022 01:19:38 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/02cc935/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/ 124 KB
125 KB 21ms
21ms Image
image/jpeg 108.138.17.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/02cc935/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F4e%2F44%2F8b76c25f473093b130f7f52df25a%2Fjeff-t.%20Green.jpg
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-93.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: bd6cafb0d9f0509d461f9b8845027ecb7f5385ee273346f5f44efd2b328afdb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 10:54:53 GMT
Via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 656685
ETag: 8abdd9b88cc8d2da8c2022d32c3e8063
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P7
X-Robots-Tag: nofollow
Content-Length: 127179
X-Amz-Cf-Id: v48FrA-LdKIONfV5n8Kh8GXC3khbK63NOArAVcqNh-SXqbAXQqXUHA==
Expires: Wed, 06 Sep 2023 10:54:53 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 304 KB
86 KB 46ms
21ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=6e18ab934c7dbd5a3743a24e7e633065

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9fd8f736bc0334fb423a201ae3655687533c0fa90d6cd4c6aa001f29bdfac7a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.fox13now.com/
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: v/B+Nw9SZR3gHnJ+30hfYw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88196
x-fb-rlafr: 0
x-fb-debug: dFmJViQ4ZWIThYOD4CYwhLVaFMQxThqtIy2yiWauoRfLNkGhbVrhK5ivyGcQooMAWvhW44nEY8C4s9Qnzzb1qg==
x-fb-content-md5: 8e612847126d852c97ec691c431566a1
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 14 Sep 2022 01:19:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "bb28fc9e2414f65629a5555c553aac85"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 13 Sep 2023 21:59:46 GMT

OPTIONS
H2 200 /
api.ewscloud.com/prod/scheduler/v1/com.fox13now/schedules/current/ Frame 0
0 271ms
115ms Preflight
application/json 13.32.121.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ewscloud.com/prod/scheduler/v1/com.fox13now/schedules/current/?type=web
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-95.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.fox13now.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Wed, 14 Sep 2022 01:19:38 GMT
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
x-amz-apigw-id: YbPWtGm1oAMFl8Q=
x-amz-cf-id: dReotebbkcclvY3YyDWyMLgQ-IhWgQyqkd-8-_FkScN63Mg7lmRRGw==
x-amz-cf-pop: FRA60-P1
x-amzn-requestid: 8c5e9948-eec2-4e36-ac3c-54a64ab5ab0a
x-amzn-trace-id: Root=1-63212c2a-3fbea6bb7774e7bf5ec35bfb
x-cache: Miss from cloudfront

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 67ms
19ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QBX3CF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1058
date: Wed, 14 Sep 2022 01:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 14 Sep 2022 03:02:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 73ms
20ms Script
application/javascript 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 04:29:44 GMT
content-encoding: gzip
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
age: 80104
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: XWvI1v9e0k3w5C5yN49IPDkvZML6iYsjpFEs9IHl0wNe5koIC7l0JA==

GET
H/1.1 200
OK weather Show response
www.fox13now.com/ 78 KB
79 KB 654ms
653ms Fetch
application/json 108.157.109.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fox13now.com/weather?_renderer=json

Requested by

Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000183-23d6-dc33-a1b7-6bde09fc0000/styleguide/All.min.98f7e04db9261218914a3632fb242b77.gz.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.157.109.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-109-25.mad56.r.cloudfront.net

Software

N/A / Brightspot

Resource Hash

5e602181aafe52aa669f52dd06fe84bcf43d6a63c343d443a812a5104668f846

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://cms.scrippsdigital.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self' https://cms.scrippsdigital.com
Via: 1.1 57afd7c325699412aa6569e0643f5f88.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Server: N/A
X-Amz-Cf-Pop: MAD56-P2
X-Powered-By: Brightspot
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Cache: Miss from cloudfront
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
Date: Wed, 14 Sep 2022 01:19:38 GMT
Connection: keep-alive
X-Robots-Tag: nofollow
Transfer-Encoding: chunked
X-Amz-Cf-Id: 9q-RODELP_sa3RHa19rDtWkrVZMF1EztI9eWXcxASV544ulnn50uHw==

GET
H/1.1 200
OK breaking-news-alerts Show response
www.fox13now.com/ 67 KB
68 KB 347ms
253ms Fetch
application/json 108.157.109.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fox13now.com/breaking-news-alerts?_renderer=json

Requested by

Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000183-23d6-dc33-a1b7-6bde09fc0000/styleguide/All.min.98f7e04db9261218914a3632fb242b77.gz.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.157.109.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-109-25.mad56.r.cloudfront.net

Software

N/A / Brightspot

Resource Hash

aac1c586b450657acfe4bc12163551cec331c56f30bc75a85727d7c48b0dddff

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://cms.scrippsdigital.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self' https://cms.scrippsdigital.com
Via: 1.1 bc05735148d76549abe57f2fc185c1f4.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Server: N/A
X-Amz-Cf-Pop: MAD56-P2
X-Powered-By: Brightspot
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Cache: Miss from cloudfront
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
Date: Wed, 14 Sep 2022 01:19:38 GMT
Connection: keep-alive
X-Robots-Tag: nofollow
Transfer-Encoding: chunked
X-Amz-Cf-Id: r_OyVVhkM9F0KrKcNmONYQCGnqLtsKxp6ewVVREwNkmQOo28NbBlUg==

GET
H/1.1 200
OK alerts Show response
www.fox13now.com/weather/ 65 KB
65 KB 1410ms
1312ms Fetch
application/json 108.157.109.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fox13now.com/weather/alerts?_renderer=json

Requested by

Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000183-23d6-dc33-a1b7-6bde09fc0000/styleguide/All.min.98f7e04db9261218914a3632fb242b77.gz.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.157.109.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-109-25.mad56.r.cloudfront.net

Software

N/A / Brightspot

Resource Hash

e5a9c4b6772e9edbac1981639eb2a7b05bfc435f0752481b68aeb2290746b5f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://cms.scrippsdigital.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self' https://cms.scrippsdigital.com
Via: 1.1 fe41458437820e017e1a964e74df0578.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Server: N/A
X-Amz-Cf-Pop: MAD56-P2
X-Powered-By: Brightspot
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Cache: Miss from cloudfront
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
Date: Wed, 14 Sep 2022 01:19:39 GMT
Connection: keep-alive
X-Robots-Tag: nofollow
Transfer-Encoding: chunked
X-Amz-Cf-Id: ktosDYvaDK4JZldTW4L5qUw4sGXTWTxdl1u-WcreTq9anweuIvCt_g==

GET
H/1.1 404
Not Found school-closings-delays Show response
www.fox13now.com/weather/ 61 KB
61 KB 373ms
274ms Fetch
application/json 108.157.109.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fox13now.com/weather/school-closings-delays?_renderer=json

Requested by

Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000183-23d6-dc33-a1b7-6bde09fc0000/styleguide/All.min.98f7e04db9261218914a3632fb242b77.gz.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.157.109.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-109-25.mad56.r.cloudfront.net

Software

N/A / Brightspot

Resource Hash

d9725fd2da59c5a1563fb1b7754c752c4044552a5025cacfcc4693b9ab0647ec

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://cms.scrippsdigital.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self' https://cms.scrippsdigital.com
Via: 1.1 a21dc4de5833aaa6d917631becb22680.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Server: N/A
X-Amz-Cf-Pop: MAD56-P2
X-Powered-By: Brightspot
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Cache: Error from cloudfront
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
Date: Wed, 14 Sep 2022 01:19:38 GMT
Connection: keep-alive
X-Robots-Tag: nofollow
Transfer-Encoding: chunked
X-Amz-Cf-Id: kWNbdakIryhgnfO7h9n3RkRSgcvTGpNBp-0JK-_3BqI7amMxrifzGQ==

GET
H2 200 / Show response
api.ewscloud.com/prod/scheduler/v1/com.fox13now/schedules/current/ 4 KB
5 KB 125ms
125ms Fetch
application/json 13.32.121.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ewscloud.com/prod/scheduler/v1/com.fox13now/schedules/current/?type=web
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000183-23d6-dc33-a1b7-6bde09fc0000/styleguide/All.min.98f7e04db9261218914a3632fb242b77.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-95.fra60.r.cloudfront.net
Software: /
Resource Hash: 0b93940785a4f1fb8eccc117b67693904adaae97e3b96e45e1b10f2a73704431

Request headers

Authorization: Token bc22df1e0efb4dcb53f2438a4b71da118f05788c
Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:38 GMT
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amzn-requestid: 2b910a52-d99a-4136-a9a0-73bd2b771a1a
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-63212c2a-6345910645e8418e3d00ff28
x-amz-apigw-id: YbPWvFuNIAMF-pg=
content-length: 4391
x-amz-cf-id: 75Mvks6N7docET4cTN_MPsAkzVQPZiIHzorf-CecvuK28scsRBZpTQ==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
312 B 45ms
44ms XHR
text/plain 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3295&u=https%3A%2F%2Fwww.fox13now.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 20:57:30 GMT
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
age: 15727
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.fox13now.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: VIE50-P1
x-amz-cf-id: yrMu9W_Bf_aeZwYT-fQfYJV8hslo-aJkD6pgwzMqIKnOh49_K9t0eQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 90ms
30ms XHR
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 02:06:04 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 83615
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 24 Aug 2022 19:06:24 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
via: 1.1 8c71fe23914182493dae4cb15c841346.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: VIE50-P1
content-type: application/javascript
x-amz-cf-id: YWMunynNKZgxS2BKluL3QTq3dBvApX0rChu62FIcKCnXG8MXRVEAeA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 85 KB
29 KB 136ms
38ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71a8c326bfff4f0776f9e729f08909ffa35f7b45544da7bacf5d841ac45e752c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29129
x-xss-protection: 0
server: sffe
etag: "1333 / 520 of 1000 / last-modified: 1663109561"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 14 Sep 2022 01:19:38 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
260 B 212ms
44ms Image
image/gif 52.17.99.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1663118378613&plid=52393890&idsite=fox13now.com&url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&sref=&sts=1663118378609&slts=0&title=Billionaire+Utahn+to+give+away+90%25+of+his+wealth&date=Wed+Sep+14+2022+01%3A19%3A38+GMT%2B0000+(GMT)&action=pageview&pvid=471798&u=pid%3D4476dc6fda0af57c8408e8195c304fe8
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 01:19:38 GMT
Cache-Control: no-cache
Last-Modified: Wednesday, 14-Sep-2022 01:19:38 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 log
hblg.media.net/ 35 B
200 B 74ms
32ms Image
image/gif 2.18.68.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfk&evtid=flog&itype=HB&tElp=21&adt=desktop&cid=8CU6Q6626&ct=FRANKFURT&cc=DE&ugd=4&app=0&pht=1200&pid=8PRL4E7N3&dn=fox13now.com&servname=ssp-serving-7999457fbf-227k6&svr=091212_441_091212_391_ssp&sc=HE&version=4&vh=1200&vw=1600&vsid=&vid=00001663118378665036481820165132&sspAbBucket=CONTROL&lw=1&dapp=green&itypeid=1&sd=1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&tcf_api=0&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=&abte=SSP_CLIENT&rtype=&lbr=1&mnkv=&pabte=&pc=&ccat=&floc_id=&floc_ver=&gfundl=700&gtd=&inid=&ngfundl=1000&rdl=700&a=0&r=209&lper=1&requrl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&kwrf=

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.68.23 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-68-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 01:19:38 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Wed, 14 Sep 2022 01:19:38 GMT

GET
H/1.1 200
OK d3d3LmZveDEzbm93LmNvbQ== Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
462 B 217ms
31ms XHR
application/json 2.18.69.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LmZveDEzbm93LmNvbQ==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.69.170 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-69-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 01:19:38 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=11641
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 3791440a51120263821fe0d1d2ca0ada
Content-Length: 15
Expires: Wed, 14 Sep 2022 04:33:39 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 89ms
37ms Image
image/gif 2.18.169.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.169.82 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-169-82.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:38 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Fri, 14 Oct 2022 01:19:38 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
192 B 20ms
20ms Image
text/plain 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6036471&cs_it=b3&cv=3.8.0.210223&ns__t=1663118378711&ns_c=UTF-8&c7=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&c8=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&c9=
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:38 GMT
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: Gn1VkvyNFyRKVqLEIP5I7G4PW7uK1DR4eWNK95ghVqMrRMDRl_BZ1Q==
x-cache: Miss from cloudfront

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 65ms
21ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 00:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2536
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 14 Sep 2022 01:37:22 GMT

GET
H3 200 pubads_impl_2022090801.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
130 KB 65ms
22ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dba21b69260b204a0ea685b1388df50b9c490e8db990610b08499aef93a72f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 20:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18887
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133090
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 08:35:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 13 Sep 2023 20:04:51 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 194 B
144 B 70ms
28ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.fox13now.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08de8ea6e0f9152d5d29a0b6d575137784a6c9e8a9771198b37880859a83a7e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Sep 2022 01:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119
x-xss-protection: 0
expires: Wed, 14 Sep 2022 01:19:38 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 85ms
27ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-27022641-1&cid=1413820601.1663118379&jid=1272942517&gjid=618233201&_gid=1347280446.1663118379&_u=aGBAiEAjBAAAAE~&z=444760555

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 14 Sep 2022 01:19:38 GMT
content-type: text/plain
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
440 B 81ms
27ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-29479748-9&cid=1413820601.1663118379&jid=407323250&gjid=1764666004&_gid=1347280446.1663118379&_u=aGDAiEAjBAAAAE~&z=645485796

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 14 Sep 2022 01:19:38 GMT
content-type: text/plain
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 79ms
28ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-40066851-1&cid=1413820601.1663118379&jid=543596707&gjid=1633782060&_gid=1347280446.1663118379&_u=aGDAiEAjBAAAAE~&z=169132950

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 14 Sep 2022 01:19:38 GMT
content-type: text/plain
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
21ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=637968196&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ul=en-us&de=UTF-8&dt=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiEAjB~&jid=1272942517&gjid=618233201&cid=1413820601.1663118379&tid=UA-27022641-1&_gid=1347280446.1663118379&gtm=2wg9c05QBX3CF&cd20=20211016&cd21=Jeff%20Tavss&cd22=&cd23=Local%20News&cd24=Homepage%20Showcase%2CLocal%20News%2CInstagram&cd25=false&cd26=&cd30=&cd31=true&z=1901077611

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 22:48:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 9091
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
21ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=637968196&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ul=en-us&de=UTF-8&dt=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEAjBAAAAE~&jid=407323250&gjid=1764666004&cid=1413820601.1663118379&tid=UA-29479748-9&_gid=1347280446.1663118379&gtm=2wg9c05QBX3CF&cd20=20211016&cd21=Jeff%20Tavss&cd22=&cd23=Local%20News&cd24=Homepage%20Showcase%2CLocal%20News%2CInstagram&cd25=false&cd26=&cd30=&cd31=true&z=1369767171

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 22:48:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 9091
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
22ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=637968196&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ul=en-us&de=UTF-8&dt=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEAjBAAAAE~&jid=543596707&gjid=1633782060&cid=1413820601.1663118379&tid=UA-40066851-1&_gid=1347280446.1663118379&gtm=2wg9c05QBX3CF&cd20=20211016&cd21=Jeff%20Tavss&cd22=&cd23=Local%20News&cd24=Homepage%20Showcase%2CLocal%20News%2CInstagram&cd25=false&cd26=&cd30=&cd31=true&z=185201175

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 22:48:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 9091
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hls.29b1ff4c2227d65c148f.js
cds.connatix.com/p/182145/ Frame 44BA 0
47 KB 20ms
20ms Other
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/182145/hls.29b1ff4c2227d65c148f.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:38 GMT
content-encoding: br
last-modified: Tue, 13 Sep 2022 10:34:11 GMT
age: 51867
etag: "c7d584666d2cad85c9c8b2766faadf0e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 48331

GET
H2 200 connatix.playspace.css
cds.connatix.com/p/182145/ 105 KB
14 KB 21ms
21ms Stylesheet
text/css 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/182145/connatix.playspace.css
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fbbf27902acad47a8df7a5e79c707a699b7789e74a1c703c6d46d9fe6e92aab7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:38 GMT
content-encoding: br
last-modified: Tue, 13 Sep 2022 10:34:11 GMT
age: 51866
etag: "7728baacbc134d5cb0befddf95cf6f48"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 14478

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 85ms
36ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27022641-1&cid=1413820601.1663118379&jid=1272942517&_u=aGBAiEAjBAAAAE~&z=1005979659

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 01:19:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.se/ads/ 42 B
501 B 81ms
33ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27022641-1&cid=1413820601.1663118379&jid=1272942517&_u=aGBAiEAjBAAAAE~&z=1005979659

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 01:19:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
506 B 82ms
82ms XHR
text/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&pid=elFVolr3moUmO&cb=0&ws=1600x1200&v=22.8.252032&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INVIEW%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22MAD_RIGHT_RAIL%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-213.vie50.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:38 GMT
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: WNNGKTSZA6FQZCGZ419D
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: tZjN36QbIWgwBAlRF6mEzcEJoQMxtpHG_qyUTo5GlQzUlT2ZdJBR1w==

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 649ms
94ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698600179795af3a05c97ef2b009d&pos=8a9695310179795afced5c9919250098&cmd=bid&secure=1&us_privacy=1---
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 01a721ba5f571ef4cdc7189726219051bfd1253d7a3d255ba38a9138c125c090

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 652ms
98ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698600179795af3a05c97ef2b009d&pos=8a9691c501797961dc1a6230492e002e&cmd=bid&secure=1&us_privacy=1---
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e8c6793b0daff447dadcd5fe8912516e7fa84adee2469a3f56aefc4613a9597f

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
content-length: 62

POST
H2 200 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 298 B
484 B 202ms
48ms XHR
application/json 2a02:fa8:8806:12::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: b3323e7d9b645b229bf7467624db15b65f3976c54fa65313760d70c0b8d2dc3d

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 01:19:39 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 298
expires: 0

POST hb
ssc.33across.com/api/v1/ 0
0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 452 B
846 B 230ms
111ms XHR
application/json 52.211.60.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1663118378957&to=0&aun=MAD_INVIEW&gpid=%2F6088%2Fssp.kstu%2Finview-bottom&t=ryx2glbx&pi=3&maxw=728&maxh=90&si=113233&bf=728x90&uspConsent=1---&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.11.0%22%7D&ogu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ns=10240
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.60.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-60-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3cecf39b145fb800614f48a4a90fb0c9020a5bd469e0a675410e78cb0d36ab72

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 452 B
845 B 234ms
116ms XHR
application/json 52.211.60.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1663118378958&to=0&aun=MAD_RIGHT_RAIL&gpid=%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail%23MAD_RIGHT_RAIL&t=ryx2glbx&pi=3&maxw=300&maxh=600&si=113232&bf=300x600%2C300x250&uspConsent=1---&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.11.0%22%7D&ogu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ns=10240
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.60.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-60-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6dd5b1d8d12af5a080a1e4255e06de73bedf5e880759b89743a714ea09ead12a

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
507 B 186ms
111ms XHR
application/json 54.93.145.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.11.0&referrer=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&tmax=2000&us_privacy=1---

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.145.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-145-1.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 01:19:39 GMT
accept-ch: sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 87 B
412 B 141ms
43ms XHR
application/json 52.213.181.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=3017
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.181.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-181-231.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 70b72cf2d9f0de822b54aada96b16bcd9377b600018e3aa5808f72436a9c2ff4

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.fox13now.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 436 B
2 KB 240ms
106ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=5776&site_id=361740&zone_id=1954138%3B1954136&size_id=2%3B15&alt_size_ids=%3B10&us_privacy=1---&rf=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&tg_i.aupname=%2F6088%2Fssp.kstu%26mad_inview%3B%2F6088%2Fssp.kstu%26mad_right_rail&tg_i.pbadslot=%2F6088%2Fssp.kstu%2Finview-bottom%3B%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail%23MAD_RIGHT_RAIL&tk_flint=dmpbjs_v7.11.0&x_source.tid=6af5ebb7-b262-49d4-9536-4499b38f1b17%3Bae460486-b344-47ca-965f-ae47134a4072&l_pb_bid_id=20581aed08393c3%3B21023b8e95b33d2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6088%2Fssp.kstu%2Finview-bottom%3B%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail%23MAD_RIGHT_RAIL&slots=2&rand=0.4972721704674328
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1d4980adcd37351b8bbeeb8a4106fa5d1bfa40ffe2affcfe18f9f093a11d2416

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 01:19:39 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.fox13now.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 436
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
202 B 628ms
176ms XHR
application/json 159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 42

GET
H2 200 arj Show response
ewscripps-d.openx.net/w/1.0/ 73 B
379 B 108ms
30ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6af5ebb7-b262-49d4-9536-4499b38f1b17%2Cae460486-b344-47ca-965f-ae47134a4072&nocache=1663118378964&us_privacy=1---&aus=728x90%7C300x600%2C300x250&divids=MAD_INVIEW%2CMAD_RIGHT_RAIL&aucs=%252F6088%252Fssp.kstu%252Finview-bottom%2C%252F6088%252Fssp.kstu%252Fnews%252Flocal_news%252Fdetail%2523MAD_RIGHT_RAIL&auid=544041562%2C544041559
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 5057326016c7a54b3c836cb611d531a74e26bec6eadaa75f5b0bdeee191b6899

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.fox13now.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 255 B
1 KB 198ms
120ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d07b00955573126e8b47a0bba664a9040e5d16bb1ab9dfc23979302b6ec60cc7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 01:19:39 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 881ac6c3-13bd-409e-b6a0-b474b61d2378
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.fox13now.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 255
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 476ms
102ms XHR
application/json 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1663118378978&sessionId=065bb343-8145-a8ea-052a-444526e63e74&url=www.fox13now.com&cheqSource=1&cheqEvent=3&responseTime=273
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 01:19:39 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 3017f8a2462ca356ff2ec9d8a9fe239b
Content-Length: 4
Expires: 0

POST
H2 200 story Show response
capi.connatix.com/core/ Frame 44BA 7 KB
4 KB 194ms
161ms XHR
application/x-protobuf 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story?v=182145
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf1d2e3138929e06f063598c0e7457610cc6a3f176b2c32721242c337fc6de9e

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
access-control-max-age: 86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 3876

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
503 B 78ms
78ms XHR
text/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&pid=elFVolr3moUmO&cb=1&ws=1600x1200&v=22.8.252032&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INLINE%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22MAD_HEADER%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%2C%22994x30%22%2C%2210x1%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-213.vie50.r.cloudfront.net

Software

Server /

Resource Hash

8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: 6DXZHN0FYNM5D0HVQNV1
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: g_inydUMML_2DMA6JqiEJDsMIN5h59RYa-ppytZp81tNNFa2JVrAqA==

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
390 B 513ms
113ms XHR
application/json 159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 42

GET
H2 200 arj Show response
ewscripps-d.openx.net/w/1.0/ 73 B
145 B 57ms
30ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=96d0aaa5-fd55-49bf-862e-95e01e442118&nocache=1663118379017&us_privacy=1---&aus=970x250%2C728x90%2C970x90&divids=MAD_HEADER&aucs=%252F6088%252Fssp.kstu%252Fnews%252Flocal_news%252Fdetail%2523MAD_HEADER&auid=544041554
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 04b48917ac7f06d47ec018ff64390d2b1858006f9eb7aacd690af5d46fd0e11c

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.fox13now.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
294 B 578ms
88ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691c501797961dc1a628788a90038&pos=8a9691c501797961dc1a6291573e005c&cmd=bid&secure=1&us_privacy=1---
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 4a5c5b81982bd593a8c985233f117d4870d552f4c7010582ba3851c189c2d5d7

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 452 B
846 B 163ms
104ms XHR
application/json 52.211.60.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1663118379017&to=0&aun=MAD_INLINE&gpid=%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail%23MAD_INLINE&pubId=13797&pi=3&maxw=300&maxh=250&si=217149&bf=300x250&uspConsent=1---&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.11.0%22%7D&ogu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ns=10240
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.60.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-60-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a05474a787838dc56270e28399ffcd03d0368fa060dadce79a545b4d1e5396ff

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 452 B
847 B 271ms
213ms XHR
application/json 52.211.60.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1663118379017&to=0&aun=MAD_HEADER&gpid=%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail%23MAD_HEADER&t=ryx2glbx&pi=3&maxw=970&maxh=250&si=113230&bf=970x250%2C728x90%2C970x90&uspConsent=1---&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.11.0%22%7D&ogu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ns=10240
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.60.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-60-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 565f64a69a246ce62c6954597c9815fc461fb7f48665ca3bd1bf73dfa68233b8

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 200 adreq Show response
ads.servenobid.com/ 87 B
411 B 84ms
44ms XHR
application/json 52.213.181.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=8661
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.181.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-181-231.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 70b72cf2d9f0de822b54aada96b16bcd9377b600018e3aa5808f72436a9c2ff4

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.fox13now.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ 5 KB
3 KB 118ms
102ms XHR
application/json 54.93.145.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.11.0&referrer=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&tmax=2000&us_privacy=1---

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.145.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-145-1.eu-central-1.compute.amazonaws.com

Software

Resource Hash

b77c8f6b08751d0832faacfcec5c659bd668a7a42e8005d117388cf1f7e28e1a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: gzip
accept-ch: sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2928
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST hb
ssc.33across.com/api/v1/ 0
0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 462 B
2 KB 254ms
145ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=5776&site_id=361740&zone_id=2090360%3B1954132&size_id=15%3B2&alt_size_ids=%3B55%2C57&us_privacy=1---&rf=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&tg_i.aupname=%2F6088%2Fssp.kstu%26mad_inline%3B%2F6088%2Fssp.kstu%26mad_header&tg_i.pbadslot=%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail%23MAD_INLINE%3B%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail%23MAD_HEADER&tk_flint=dmpbjs_v7.11.0&x_source.tid=69ef0950-bfe4-4bf8-b458-62ce0eeada04%3B96d0aaa5-fd55-49bf-862e-95e01e442118&l_pb_bid_id=484773ab0dc6793%3B49ae873e3e940fb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail%23MAD_INLINE%3B%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail%23MAD_HEADER&slots=2&rand=0.8917466537746661
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ef8401338c19bfea748acdc6d6eff78a4bec3640b135e93737f7ddcd027e1765

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 01:19:39 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.fox13now.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 462
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 300 B
485 B 136ms
49ms XHR
application/json 2a02:fa8:8806:12::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 3e7259e223a4335acd4dcd5741f6279161bca832d71e7380a1f3170bf76397a4

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 01:19:39 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 300
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 222ms
180ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

fb2e6909cec4c0ebdb29e5bd124a6e0492cce4aa54dd5fb2a4219e9af3b0f353

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 01:19:39 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7a350872-f4ff-4ddd-b024-b54ff3cbb0cb
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.fox13now.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 get Show response
odb.outbrain.com/utils/ 40 KB
8 KB 286ms
155ms Script
text/javascript 199.232.18.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&idx=0&rand=18445&key=NANOWDGT01&widgetJSId=AR_11&va=true&et=true&format=html&adblck=false&abwl=false&px=325&py=2703&vpd=1503&cw=610&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000885&sig=TU9W8oO8&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpa=1---&ccpaStat=1&ogn=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 84ad680c4d0e81b8cffc46c42843205b31fc74701b5a15afe38881179b158d2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, VIE, Europe1
x-timer: S1663118379.174175,VS0,VE125
accept-ranges: bytes
x-served-by: cache-lga21937-LGA, cache-vie6374-VIE
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 8f40dffc2ca56a218b83117ad68440d1
content-encoding: gzip
content-length: 7792
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 blockedDomains_7.bin Show response
lit.connatix.com/08d73d33-9bb5-9b21-f035-1721d593115a/ Frame 44BA 104 B
339 B 95ms
20ms XHR
application/octet-stream 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lit.connatix.com/08d73d33-9bb5-9b21-f035-1721d593115a/blockedDomains_7.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7b491b7e75f58ce5c0d60bcdf9f0da01d082df493a739458ca0d733795877ebb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: gzip
last-modified: Wed, 04 May 2022 14:04:38 GMT
age: 11445206
etag: "07bbfe91d7886a5178aa8cbc65cdd250"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 101

GET
H2 200 insights.bin Show response
ins.connatix.com/df1f7fdf76884268b7ec61841c4afa1f/ Frame 44BA 144 B
353 B 301ms
229ms XHR
application/octet-stream 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/df1f7fdf76884268b7ec61841c4afa1f/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d1f9c5c64d175a8bc389afa09401c72262f33961d56241d00902c2a397eac4e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: gzip
last-modified: Sat, 30 Apr 2022 20:36:34 GMT
age: 566496
etag: "5d0f23b2700a2d2ff3e3f3fc4cba4e1f"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 116

GET
H2 200 lightrain.png
static.ewscloud.com/weathercenter/prod/static/weathericons/daytime/ 3 KB
3 KB 229ms
61ms Image
image/png 2600:9000:206e:4e00:10:618e:d880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewscloud.com/weathercenter/prod/static/weathericons/daytime/lightrain.png
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:4e00:10:618e:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62e9716cc4c478347347188866b4ce050141e3cf8c061ce8317a8cd0b3f3c7b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: M7xD3moWQTsLQfdy795sH29q3aJO2NgR
via: 1.1 488e01d34d3fb7f21dfcaccec82f530e.cloudfront.net (CloudFront)
last-modified: Tue, 23 Aug 2022 20:16:36 GMT
server: AmazonS3
age: 32
etag: "17933a513015943902291f5216f25a37"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
date: Wed, 14 Sep 2022 01:19:08 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-length: 2978
x-amz-cf-id: q29NG8VxlNMyNaQMZm2EERrWDKGCAICbrfxH0Qo0bzPS01TZRkBxFw==

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 38ms
38ms Image
image/png 2.18.169.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.169.82 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-169-82.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1662969049.940408"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Fri, 14 Oct 2022 01:19:39 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 41ms
40ms Image
image/svg+xml 2.18.169.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.169.82 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-169-82.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Fri, 14 Oct 2022 01:19:39 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 465ms
102ms Fetch
text/plain 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=2a525d8284a0382d133eccad26bef252_38984_1663118379234&tm=617&eT=0&widgetWidth=610&widgetHeight=27&widgetX=325&widgetY=2703&wRV=2000885&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&cheq=0&rtt=290&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: gzip
X-TraceId: 2c3adbf1d8a919b3b2f15ba7cfd4b99c
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000885/module/ 39 KB
14 KB 42ms
42ms Script
application/x-javascript 2.18.169.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000885/module/streamFeed.js?e=1
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.169.82 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-169-82.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f1b242950739491444af49e152bf843e2689019b73a944dde6b4c4ef4860bed9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 13:15:06 GMT
server: AkamaiNetStorage
etag: "bc4b571cb8ab6dc3280514442c0e2a06:1663078600.489952"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 14151
expires: Wed, 14 Sep 2022 05:19:39 GMT

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 125 KB
37 KB 1034ms
995ms Script
text/javascript 199.232.18.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&settings=true&recs=true&widgetJSId=AR_11&key=NANOWDGT01&version=2000885&apv=false&sig=TU9W8oO8&format=html&rand=12489&osLang=en-US&va=true&et=true&cmpStat=0&ccpa=1---&ccpaStat=1&scrW=1600&scrH=1200&t=MmE1MjVkODI4NGEwMzgyZDEzM2VjY2FkMjZiZWYyNTI=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=no_abtest&dpr=1&cw=610&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&rw=CR_12
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 13438662fe4bdf325464870da663f8f22b26eeae4df595f37bb87475c681120b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:40 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, VIE, Europe1
x-timer: S1663118379.443583,VS0,VE965
accept-ranges: bytes
x-served-by: cache-lga21980-LGA, cache-vie6374-VIE
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: b88a1d9f9c2db59a91aa3db1611abc92
content-encoding: gzip
content-length: 37766
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK sr Show response
capi-tier-1-us-east-2.connatix.com/tr/ Frame 44BA 0
317 B 610ms
115ms XHR
application/x-protobuf 3.135.86.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-1-us-east-2.connatix.com/tr/sr?v=182145
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.135.86.205 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-135-86-205.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 44BA 377 KB
126 KB 97ms
31ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8827dc6e85e78d6e711fe152b384c9631edfe8a9a9237a74a885790114c47ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128594
x-xss-protection: 0
expires: Wed, 14 Sep 2022 01:19:39 GMT

GET
H2 200 278b5b5f-1f3b-41a3-983e-61fa05902b1f.bin Show response
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ Frame 44BA 7 KB
1 KB 52ms
20ms XHR
application/octet-stream 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/278b5b5f-1f3b-41a3-983e-61fa05902b1f.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dd19803a2dec5ab04300249acf88f3aa98e21c415d651443d4910b99418adfec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 21:18:51 GMT
age: 14354
etag: "43b30f4199ade7205c84a4c568f0998f"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 1278

POST
H/1.1 200
OK ao Show response
capi-tier-1-us-east-2.connatix.com/tr/ Frame 44BA 0
317 B 468ms
117ms XHR
application/x-protobuf 3.135.86.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-1-us-east-2.connatix.com/tr/ao?v=182145
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.135.86.205 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-135-86-205.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK g Show response
capi-tier-1-us-east-2.connatix.com/rtb/ Frame 44BA 410 B
623 B 548ms
209ms XHR
application/x-protobuf 3.135.86.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-1-us-east-2.connatix.com/rtb/g?v=182145
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.135.86.205 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-135-86-205.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: 12ec48c36f134b5d9dcf1bec7616bd356b7f661a52c990ff00b30e81715508d4

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 325

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
463 B 83ms
82ms XHR
text/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&pid=elFVolr3moUmO&cb=2&ws=1600x1200&v=22.8.252032&t=2000&slots=%5B%7B%22id%22%3A%22Connatix_Instream_Video%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-213.vie50.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: 4N82DKA24811AZ4WDV38
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Pz427C0mBHZVGk778t0t2vERA8SqQKtTbzGraUyCxPjudX-kxG__vQ==

POST
H/1.1 200
OK ps Show response
capi-tier-1-us-east-2.connatix.com/tr/ Frame 44BA 0
317 B 567ms
115ms XHR
application/x-protobuf 3.135.86.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-1-us-east-2.connatix.com/tr/ps?v=182145
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.135.86.205 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-135-86-205.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 14 Sep 2022 01:19:40 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 0eafd041-3538-4694-8c48-8ec0852c0c79.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 22 KB
21 KB 74ms
41ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/0eafd041-3538-4694-8c48-8ec0852c0c79.jpg?crop=600:410,smart&width=600&height=410&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 25083e75cd6c03ec09d9f58f142cae8847d0b8ad56c2032317e9dea3e2458255

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: br
age: 14353
etag: "FQAq6+uPue6/QIduS3Wq7m0pywwZT89+ietB3cWqxRY"
access-control-max-age: 86400
fastly-io-info: ifsz=60274 idim=1280x720 ifmt=jpeg ofsz=22251 odim=600x410 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 21562

GET
H2 200 0eafd041-3538-4694-8c48-8ec0852c0c79.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 19 KB
18 KB 74ms
41ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/0eafd041-3538-4694-8c48-8ec0852c0c79.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a4fa167295f841b6a56b90598a47e58e846c9449b369a3078f65422c87e7ab4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: br
age: 14353
etag: "Bdto7lMLcnE5+nCF+6K1lFqueuIIq+DUzBHNH/d8x8M"
access-control-max-age: 86400
fastly-io-info: ifsz=60274 idim=1280x720 ifmt=jpeg ofsz=19381 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 18684

GET
H2 200 98411362-15c0-4ce8-8e50-7ae7b03800f6.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 34 KB
34 KB 74ms
41ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/98411362-15c0-4ce8-8e50-7ae7b03800f6.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8253ec3637d7125708e2551d661d2dfeaaf1ffe63f3175d456a6e76376beb7ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: br
age: 14353
etag: "wFVdWtYSIK31wP28TljHgsFXbfQMu0/2z8kpUTyRbgY"
access-control-max-age: 86400
fastly-io-info: ifsz=106345 idim=1280x720 ifmt=jpeg ofsz=34658 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 34301

GET
H2 200 99dfc1d0-799c-4e47-a0ed-b1c4abcc4155.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 19 KB
18 KB 74ms
41ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/99dfc1d0-799c-4e47-a0ed-b1c4abcc4155.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a4fa167295f841b6a56b90598a47e58e846c9449b369a3078f65422c87e7ab4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: br
age: 14353
etag: "Bdto7lMLcnE5+nCF+6K1lFqueuIIq+DUzBHNH/d8x8M"
access-control-max-age: 86400
fastly-io-info: ifsz=60274 idim=1280x720 ifmt=jpeg ofsz=19381 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 18684

GET
H2 200 e18e597b-3a05-4556-9166-990df40537ed.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 21 KB
20 KB 73ms
40ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/e18e597b-3a05-4556-9166-990df40537ed.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 50658b265b5a2f01ca98916e2356bfcc9a3d7da676b3d5fadef9a5d3b6443c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: br
age: 14353
etag: "l+U2dNyFDM28kRVNaLkhXG6SFdgoBk6j7oyr/rTms4M"
access-control-max-age: 86400
fastly-io-info: ifsz=55666 idim=1280x720 ifmt=jpeg ofsz=21009 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 20615

GET
H2 200 22c312fc-bea2-4687-8bb2-97efeaa36846.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 23 KB
22 KB 145ms
113ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/22c312fc-bea2-4687-8bb2-97efeaa36846.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d1edd0283f438579acf3778d1eb054422a9a4c5236bf65ba4fa78c0fe0c44694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: br
age: 14353
etag: "ybt9vvEDK0X3iy6GnTjPZARJM3MUjg4y2s722ecilM0"
access-control-max-age: 86400
fastly-io-info: ifsz=69935 idim=1280x720 ifmt=jpeg ofsz=23612 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 21999

GET
H2 206 9837a9f1-f9fb-4231-a528-ee98e7d2c2a9_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 963 KB
0 21ms
21ms Media
video/mp4 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/9837a9f1-f9fb-4231-a528-ee98e7d2c2a9_360_h264.mp4
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
last-modified: Tue, 13 Sep 2022 21:14:15 GMT
age: 14349
etag: "26a141d8e54e19ca7f68a0bea9a0a65d"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-1364558/1364559
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1364559

GET
H2 206 97924a3d-8880-4b9b-8770-453200312ea4_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 954 KB
0 22ms
21ms Media
video/mp4 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/97924a3d-8880-4b9b-8770-453200312ea4_360_h264.mp4
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
last-modified: Tue, 13 Sep 2022 21:18:50 GMT
age: 14349
etag: "25469dadee7e20a19e20881d1393f8d3"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-1333537/1333538
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1333538

GET
H2 206 17704c7c-2eeb-48e1-8115-ffd1ce64c2f2_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 297 KB
0 21ms
21ms Media
video/mp4 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/17704c7c-2eeb-48e1-8115-ffd1ce64c2f2_360_h264.mp4
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
last-modified: Tue, 13 Sep 2022 21:14:34 GMT
age: 14349
etag: "e551903345ca1465df4c351cf91162ad"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-1219685/1219686
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1219686

GET
H2 206 2a051911-f915-440c-9b1a-8a8398f7b13e_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 726 KB
0 70ms
69ms Media
video/mp4 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/2a051911-f915-440c-9b1a-8a8398f7b13e_360_h264.mp4
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
last-modified: Tue, 13 Sep 2022 21:17:58 GMT
age: 7086
etag: "a9435f5905a0f42a6a6074269e51b0ed"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-1216153/1216154
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1216154

GET
H2 206 5e97304f-9789-4ce1-ac5b-3775c430442f_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 677 KB
0 70ms
70ms Media
video/mp4 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/5e97304f-9789-4ce1-ac5b-3775c430442f_360_h264.mp4
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
last-modified: Tue, 13 Sep 2022 21:17:00 GMT
age: 14349
etag: "8ba27d42f860e8a47f21b89408e6afeb"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-1285324/1285325
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1285325

GET
H3 200 bridge3.530.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame BE06 638 KB
207 KB 105ms
63ms Document
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.530.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa3fecd03a37a2de22e60482c695bdbb64764672e00fa60ff671e15818dcc6d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 63915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 211596
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 07:34:24 GMT
expires: Wed, 13 Sep 2023 07:34:24 GMT
last-modified: Mon, 12 Sep 2022 18:05:22 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 44BA 44 KB
17 KB 152ms
30ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Sep 2022 01:19:39 GMT

GET
H3 200 bridge3.530.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame BC3F 638 KB
207 KB 49ms
27ms Document
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.530.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa3fecd03a37a2de22e60482c695bdbb64764672e00fa60ff671e15818dcc6d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 63915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 211596
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 07:34:24 GMT
expires: Wed, 13 Sep 2023 07:34:24 GMT
last-modified: Mon, 12 Sep 2022 18:05:22 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.530.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 81DE 638 KB
207 KB 33ms
27ms Document
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.530.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa3fecd03a37a2de22e60482c695bdbb64764672e00fa60ff671e15818dcc6d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 63915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 211596
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 07:34:24 GMT
expires: Wed, 13 Sep 2023 07:34:24 GMT
last-modified: Mon, 12 Sep 2022 18:05:22 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK g Show response
capi-tier-1-us-east-2.connatix.com/rtb/ Frame 44BA 0
317 B 114ms
113ms XHR
application/x-protobuf 3.135.86.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-1-us-east-2.connatix.com/rtb/g?v=182145
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.135.86.205 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-135-86-205.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 14 Sep 2022 01:19:40 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 singleAnimationOnFeed.js Show response
widgets.outbrain.com/nanoWidget/2000885/module/ 503 B
812 B 38ms
38ms Script
application/x-javascript 2.18.169.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000885/module/singleAnimationOnFeed.js?e=1
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.169.82 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-169-82.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a8ffd78cb2525c783d87aedeb03af8282198c208cff5a2c67b1aebd2512d6d25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:40 GMT
last-modified: Tue, 13 Sep 2022 13:15:06 GMT
server: AkamaiNetStorage
etag: "fc25dd6a6ba1141c43b340493c84e5c1:1663078595.958731"
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 503
expires: Wed, 14 Sep 2022 05:19:40 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 102ms
102ms Fetch
text/plain 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=06b9a7f6f3addc2fd9a944582442b249_38984_1663118379917&tm=1746&eT=0&widgetWidth=610&widgetHeight=624&widgetX=325&widgetY=3208&wRV=2000885&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&rtt=1051&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Wed, 14 Sep 2022 01:19:40 GMT
content-encoding: gzip
X-TraceId: 8a2d17976401d94279366a325b004c5a
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 placement_invocation Show response
rock.defybrick.com/ 48 KB
18 KB 99ms
24ms Script
text/javascript 2600:9000:223e:3400:1a:ba5c:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:3400:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 00:31:04 GMT
content-encoding: gzip
server: Caddy
age: 2916
etag: "bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
cache-control: max-age=43200
x-amz-cf-pop: FRA56-P4
content-length: 18460
x-amz-cf-id: xMPA44HCSUFbCqtALqrmZW-6NkwURHWPJ0ZJyuCz6KO3-9D-a66HXg==
expires: Wed, 14 Sep 2022 12:31:04 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 202ms
101ms Fetch
text/plain 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=742d0c8845520f9cda464438342ed3da_38984_1663118380107&tm=1755&eT=0&widgetWidth=610&widgetHeight=780&widgetX=325&widgetY=3832&wRV=2000885&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&rtt=1051&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Wed, 14 Sep 2022 01:19:40 GMT
content-encoding: gzip
X-TraceId: 9b921bb9dc68d74b1e0fdca98c72f4c0
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 303ms
101ms Fetch
text/plain 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=4b3028e1133e8663ae1b0489cbdd2963_38984_1663118380339&tm=1756&eT=0&widgetWidth=610&widgetHeight=624&widgetX=325&widgetY=4612&wRV=2000885&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&rtt=1051&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Wed, 14 Sep 2022 01:19:40 GMT
content-encoding: gzip
X-TraceId: 4b84821225a911a838de05484af7a97a
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 eyJpdSI6ImEzYjM4YmI3YWY0YmMwZTM4ZjM4NjRkMWM1MzQwNzBhZTcyM2JkNmJiMmU5Y2NmN2NmMDRhMTQ0ODQxMTViNDgiLCJ3Ijo0MCwiaCI6NDAsImQiOjIuMCwiY3MiOjAsImYiOjJ9.png
images.outbrainimg.com/transform/v3/ 2 KB
2 KB 260ms
32ms Image
image/png 2.18.69.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImEzYjM4YmI3YWY0YmMwZTM4ZjM4NjRkMWM1MzQwNzBhZTcyM2JkNmJiMmU5Y2NmN2NmMDRhMTQ0ODQxMTViNDgiLCJ3Ijo0MCwiaCI6NDAsImQiOjIuMCwiY3MiOjAsImYiOjJ9.png
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.69.170 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-69-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b6e5c2ace13881b4cdcd295aa9a2c36fd888084ed4d3b2993c5075f3dd186699

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:40 GMT
last-modified: Wed, 31 Aug 2022 10:16:33 GMT
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2275500
access-control-allow-credentials: false
x-traceid: 4d7f71fef340f9074872e413ffe38104
timing-allow-origin: *, *
content-length: 1901

GET
H2 200 eyJpdSI6Ijc2ZGM3ZThlMDZmNmUzYWVlOThjZTA1ZmRhMjJmYzRmNmZmZTQ0ZDJmM2E3MWJiYjE0ZGYxODFlMjcxNzc2MGEiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 22 KB
22 KB 253ms
33ms Image
image/webp 2.18.69.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijc2ZGM3ZThlMDZmNmUzYWVlOThjZTA1ZmRhMjJmYzRmNmZmZTQ0ZDJmM2E3MWJiYjE0ZGYxODFlMjcxNzc2MGEiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.69.170 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-69-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 67e99c8c7b00f5a3d067b9ca425b6efd3efba4b18f48da247dfdf285aadc1199

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:40 GMT
last-modified: Tue, 02 Aug 2022 19:37:44 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=762354
access-control-allow-credentials: false
x-traceid: 70c529e88793c754a099aa4a2ad738b9
timing-allow-origin: *, *
content-length: 22230

GET
H2 200 eyJpdSI6IjM2Yzc2MzgzOTU5NzczOWFmYjZiZWY0Yzc2MjQ1Y2JmZTBhYWE0YWY0MzI0MWVkOGQ0ZmNhYjc1NTdmZWE1MGYiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 8 KB
9 KB 251ms
32ms Image
image/webp 2.18.69.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjM2Yzc2MzgzOTU5NzczOWFmYjZiZWY0Yzc2MjQ1Y2JmZTBhYWE0YWY0MzI0MWVkOGQ0ZmNhYjc1NTdmZWE1MGYiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.69.170 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-69-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 11ce3452ba20fdc0fbf5fbe26160de2edcde252060bc772476e8862c7848dfeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:40 GMT
last-modified: Fri, 09 Sep 2022 20:48:45 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2102053
access-control-allow-credentials: false
x-traceid: 228fe324a7fd083891c17873eca4a6e8
timing-allow-origin: *, *
content-length: 8448

GET
H2 200 eyJpdSI6IjMzYjU4ZjY2YWZiZThmYTA2NWU2MGRkMWE0YjFkYzYwNDBmZjQ4NmY5MDRlY2ZkYTZmMWYyZDQwNGFhMDk1MzQiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 45 KB
45 KB 288ms
68ms Image
image/webp 2.18.69.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjMzYjU4ZjY2YWZiZThmYTA2NWU2MGRkMWE0YjFkYzYwNDBmZjQ4NmY5MDRlY2ZkYTZmMWYyZDQwNGFhMDk1MzQiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.69.170 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-69-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8afb8b62e60755118fb0259ec6cd6187273aef33499dad3dcec87e51267fcb2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:40 GMT
last-modified: Mon, 05 Sep 2022 13:09:43 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1732363
access-control-allow-credentials: false
x-traceid: 87d0e6df34a028eb8e02ecf5b62d2b8e
timing-allow-origin: *, *
content-length: 45598

GET
H2 200 eyJpdSI6IjBmMzU5MDU1ZjZjN2NmOTk0ZmJiNTllOTIwYTU2MDIyZDM1ZjFiYTZhYjljYjMxOTYwNjhmY2I1ZmIyMWJlNTQiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 10 KB
10 KB 320ms
101ms Image
image/webp 2.18.69.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBmMzU5MDU1ZjZjN2NmOTk0ZmJiNTllOTIwYTU2MDIyZDM1ZjFiYTZhYjljYjMxOTYwNjhmY2I1ZmIyMWJlNTQiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.69.170 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-69-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: eca041f2ffe775c370176cc1824dd4c959f6a69e43356da7afdb14f110cc4638

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:40 GMT
last-modified: Sat, 06 Aug 2022 11:17:19 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=863779
access-control-allow-credentials: false
x-traceid: c31915fed9837e0433bbe28168ee2a99
timing-allow-origin: *, *
content-length: 10206

GET
H2 200 eyJpdSI6ImE0YTYyNjNmYjcxZDkzYWY4NTI4OGY2NzU0YmZkNjcxODRlYzViMzAyNWZiOWU2NWNhMGEwNDUzMDFkNTdlMjMiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 38 KB
39 KB 320ms
100ms Image
image/webp 2.18.69.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImE0YTYyNjNmYjcxZDkzYWY4NTI4OGY2NzU0YmZkNjcxODRlYzViMzAyNWZiOWU2NWNhMGEwNDUzMDFkNTdlMjMiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.69.170 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-69-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3b2e1dc6895303cc971995ddf6a2470764398b40893f267bd6023f3d6aaa6514

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:40 GMT
last-modified: Tue, 06 Sep 2022 18:24:23 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1838956
access-control-allow-credentials: false
x-traceid: 3ec64973a8dae15ebff67c9ce3955721
timing-allow-origin: *, *
content-length: 39200

GET
H2 200 eyJpdSI6IjI5ODE1YTMyZmI2NWE2MTMyYmNlNjA2MGFiM2U0NGNlYTk4YWMzNDY1NzQ2ZmQyODk4NjhlMDQ3OTg1NmY5MDEiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 14 KB
14 KB 96ms
96ms Image
image/webp 2.18.69.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjI5ODE1YTMyZmI2NWE2MTMyYmNlNjA2MGFiM2U0NGNlYTk4YWMzNDY1NzQ2ZmQyODk4NjhlMDQ3OTg1NmY5MDEiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.69.170 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-69-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c160550ec10b144f9f3bace98f8983d5960fae45d7a0277c3e2abeb29b16012d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:40 GMT
last-modified: Sun, 17 Jul 2022 19:57:45 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=519854
access-control-allow-credentials: false
x-traceid: 5f7449bb124604d4391c6f77cc4ff09e
timing-allow-origin: *, *
content-length: 14368

GET
H2 200 eyJpdSI6IjY3NjhmOTQyMzNmZTZkY2MxMDFiOGY0MWNiOTBiNWZmNDc4NTAxMzU4ODk1YzFkZDAwMzdkYWYzYzY2YmM4NWUiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 15 KB
15 KB 96ms
96ms Image
image/webp 2.18.69.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjY3NjhmOTQyMzNmZTZkY2MxMDFiOGY0MWNiOTBiNWZmNDc4NTAxMzU4ODk1YzFkZDAwMzdkYWYzYzY2YmM4NWUiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.69.170 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-69-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 216b0aecea7ffbd118761060e2fe6c03793ce63effc86bab7d295b3500ba1a50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:40 GMT
last-modified: Wed, 20 Jul 2022 12:44:39 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=331768
access-control-allow-credentials: false
x-traceid: 4c935db2342b347a727eff6819fd893b
timing-allow-origin: *, *
content-length: 14916

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 91ms
29ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.fox13now.com

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Sep 2022 01:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 92ms
31ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.fox13now.com

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Sep 2022 01:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
17 KB 275ms
275ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3400557250868076&correlator=3999882286987799&eid=31068929%2C31069183&output=ldjh&gdfp_req=1&vrg=2022090801&ptt=17&impl=fifs&us_privacy=1---&iu_parts=6088%2Cssp.kstu%2Cinview-bottom%2Cnews%2Clocal_news%2Cdetail&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2F4%2F5&prev_iu_szs=728x90%2C300x600%7C300x250&ifi=1&adks=173361388%2C3237403784&sfv=1-0-38&fsapi=false&prev_scp=categories%3Dhomepage%2520showcase%252Clocal%2520news%252Cinstagram%26pt%3Ddetail%252Cfalse%26fname%3Dbillionaire-utahn-to-give-away-90-of-his-wealth%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dnews%252Flocal_news%252Fdetail%26refresh%3D0%26amznbid%3D2%26amznp%3D2%7Ccategories%3Dhomepage%2520showcase%252Clocal%2520news%252Cinstagram%26pt%3Ddetail%252Cfalse%26fname%3Dbillionaire-utahn-to-give-away-90-of-his-wealth%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dnews%252Flocal_news%252Fdetail%26refresh%3D0%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1663118380490&lmt=1663118380&dlt=1663118377955&idt=965&adxs=-12245933%2C975&adys=-12245933%2C936&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&frm=20&vis=1&psz=1600x0%7C300x30&msz=1600x-1%7C300x30&fws=644%2C4&ohw=1600%2C1070&ga_vid=1413820601.1663118379&ga_sid=1663118380&ga_hid=637968196&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5baf9cf3594d6cd878e50c96f7548d7011c96441605d8c0f52391e9133654b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17376
x-xss-protection: 0
google-lineitem-id: -1,6094964047
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138402140460
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9CE4 6 KB
4 KB 176ms
27ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 01:19:40 GMT
expires: Thu, 14 Sep 2023 01:19:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 54 KB
13 KB 83ms
83ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3400557250868076&correlator=2730397903939251&eid=31068929%2C31069183&output=ldjh&gdfp_req=1&vrg=2022090801&ptt=17&impl=fifs&us_privacy=1---&iu_parts=6088%2Cssp.kstu%2Cnews%2Clocal_news%2Cdetail&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%2C970x250%7C728x90%7C970x90%7C994x30%7C10x1&ifi=3&adks=1130257580%2C1666007649&sfv=1-0-38&fsapi=false&prev_scp=categories%3Dhomepage%2520showcase%252Clocal%2520news%252Cinstagram%26pt%3Ddetail%252Cfalse%26fname%3Dbillionaire-utahn-to-give-away-90-of-his-wealth%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C2%26au%3Dnews%252Flocal_news%252Fdetail%26refresh%3D0%26amznbid%3D2%26amznp%3D2%7Ccategories%3Dhomepage%2520showcase%252Clocal%2520news%252Cinstagram%26pt%3Ddetail%252Cfalse%26fname%3Dbillionaire-utahn-to-give-away-90-of-his-wealth%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C2%26au%3Dnews%252Flocal_news%252Fdetail%26refresh%3D0%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1663118380526&lmt=1663118380&dlt=1663118377955&idt=965&adxs=325%2C-12245933&adys=2151%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C-1&ucis=3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&frm=20&vis=1&psz=610x30%7C1500x0&msz=610x30%7C970x0&fws=4%2C132&ohw=1070%2C1600&ga_vid=1413820601.1663118379&ga_sid=1663118380&ga_hid=637968196&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8b67c0c2bce8509bb57931a069ffab7122083710b37567c9c0897b6944b1326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13449
x-xss-protection: 0
google-lineitem-id: 6094964047,6094964047
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138402582142,138402140463
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_pla Show response
flint.defybrick.com/ 3 KB
2 KB 386ms
136ms Script
text/javascript 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=13682901275027211029070519025280146806471955722355127198666853286565&nc=0&tsf=0&tsfmi=&pv=0&cb=1663118380609&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=585161733&at=&bid=e30%3D&di=W1siZWYiLDYxNjVdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6NSxcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjEwNTE2%0D%0AOTQwODksXCJzZWNcIjpcIlwifSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUp%0D%0AIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAg%0D%0AICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAg%0D%0AICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAg%0D%0AICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJs%0D%0AZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAg%0D%0AfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAg%0D%0AfV0iXSxbLTEsIi0iXSxbLTIsIjUsZVlHOVgxL1gxdFpsUzIyZDUxeDhZTlk5TXhKUUVNQ2RVQkhK%0D%0ATDg2TDIzQUNHVWhCSXdJU1NFRUFjSUpmUmVBZ1FJRUZvSW5kQ3h3UVhqaG8yNzE5Nm1Nak92L3I4%0D%0ANzB1eHFGeCJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBh%0D%0AZW9qb2ZvaG9lZmdpZWhqYWlcIixcImludGVybmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0s%0D%0AWy01LCItIl0sWy02LCItIl0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFst%0D%0AMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCIsXCJvZzp0aXRsZVwiLFwib2c6%0D%0AZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6dGl0bGVcIixc%0D%0AIm9nOmRlc2NyaXB0aW9uXCIsXCJkZXNjcmlwdGlvblwiLFwicGFyc2VseS10aXRsZVwiXX0iXSxb%0D%0ALTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIntcIm9cIjowLjE2MjA2ODk2NTUxNzI0MTM3fSJd%0D%0ALFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiNCJdLFstMTgsIlswLDAsMCwxXSJdLFstMTksIlsw%0D%0ALDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2%0D%0AMDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiXSJdLFstMjAsIjE0MTM4MjA2MDEuMTY2MzExODM3%0D%0AOSJdLFstMjEsIlRVOVc4b084Il0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxbLTI0%0D%0ALCJbXSJdLFstMjUsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6NTA0MDAwMDAsXCJ1amhzXCI6Mzk2MDAw%0D%0AMDAsXCJqaHNsXCI6Mzc2MDAwMDAwMH0iXSxbLTI3LCJbMCwxMCwwLFwiNGdcIixudWxsXSJdLFst%0D%0AMjgsImVuLVVTLGVuIl0sWy0yOSwie1widlwiOlsyLDIsMiwyLDAsMCwwLDIsMCwyLDAsMiwwLDAs%0D%0AMiwyLDIsMiwwXX0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIi0iXSxb%0D%0ALTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjYzMTE4MzgwNjAxLDBdIl0sWy0zNiwiW1wiNC8z%0D%0AXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4LCJpLC0xLC0xLDUyMCwwLDIs%0D%0AMCwxMTQsMTAzLDMzOCw0NDYsMCwxNTA2LjIsMTUwNi4yLDM2NTgsMzY1OCJdLFstMzksIltcIjIw%0D%0AMDMwMTA3XCIsNCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0%0D%0AcnVlLDgsZmFsc2UsbnVsbCwzXSJdLFstNDAsIjMzIl0sWy00MSwiLSJdLFstNDIsIjE3MjQyOTc2%0D%0ANTMiXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMCJdLFstNDQsIjAsMCwwLDUiXSxb%0D%0ALTQ1LCItIl0sWy00NiwiMCJdLFstNDcsIkV0Yy9Vbmtub3duLGVuLVVTLGxhdG4sZ3JlZ29yeSJd%0D%0ALFstNDgsIjAsMCJdLFstNDksIi0iXSxbImJuY2giLDM3XV0%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A325%2C%22y%22%3A3200%2C%22w%22%3A610%2C%22h%22%3A27%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=KlqkD76atM&sdd=%7B%7D&pto=3667
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 313a777d2798450af9dd10440bb611f5f9f26776ff90797188120343220c5418

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 01:19:40 GMT
content-encoding: gzip
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript
content-length: 1587
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6d6d25e3-5be4-444b-82ae-a8f0bb892234.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame A2D0 96 KB
24 KB 30ms
30ms Script
application/javascript 2600:9000:219c:2000:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:2000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b96e6beab93cd979f18edcb11b5b9c620f4cf74e43aa3a2b0406cdbb4739c676

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: 9wKw90O6OLYQVSQjAP8lq5XcV5Wycjaq
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 18:53:52 GMT
server: AmazonS3
age: 4906
etag: W/"1b3451aff703aa6bf4280ce6308cc11c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f46632dd252c85fed57bcf18d61d8544.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Tue, 13 Sep 2022 23:58:36 GMT
x-amz-cf-pop: CDG3-C2
x-amz-cf-id: f0n0FPuoJ_IkhZIZpih0Kwi_hpwNaskfmsfe_7FkYea23tKK06vZbw==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A2D0 0
0 60ms
60ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcFjvhpHGjSmx5b8Cv4fcJxDcmyK3ff0DyfeQ5yreZb2VG1MtniIJej5bsDzuxJGlQ2lgOjCxCtkwPcZDVWcyt52tSBF1ZXlCUdgWlULfegLSMPp2_84_7QxyWvC-7tSy2eAis_H1ma_dijcTSKHgpWiab3d4rPqkoZu2mH2HU7B9kjaNJ2OdFpmFlVLV0zelnaS2-Lp2gUPPY3GThywewkdceIit1Y_Fk-gbhyuR0dz_a7KkSgstrT9nJ774WpGYSemPDn4gewYG5ViSr7vXF5o42L_MBKQJ5l6kJhkwd8MYTgzGj3RLsEmkYA2zYmqpd2SmIR-y5pmyV40800nPDRA&sai=AMfl-YT66ASpW7v1Hc-Xy7j63GUmpctQn2v7QE6yG9of4375w-ifn6uly6X5fVn1zi8ndEl-Kx-BWIttul2Qmx5r8F7VRfMc4nWjhZMwNHEZzGffNjjjsTtJGC4jsseRP08X3Q&sig=Cg0ArKJSzO9mMz5aC6FDEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Sep 2022 01:19:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 14 Sep 2022 01:19:40 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame A2D0 3 KB
2 KB 79ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 00:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 00:45:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A2D0 142 KB
44 KB 93ms
32ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44876
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662981969255015"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 01:19:40 GMT

GET
H2 200 13603323336626831116
tpc.googlesyndication.com/simgad/ Frame A2D0 23 KB
24 KB 80ms
21ms Image
image/gif 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13603323336626831116

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b6fefb5e7f434251db09b8e38b6480bb91fe9274c98bbd6ad8192b214057ddd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 04:06:35 GMT
x-content-type-options: nosniff
age: 508385
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23985
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 13:34:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 08 Sep 2023 04:06:35 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A2D0 0
0 71ms
28ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTE2ZJx0SusKIkZlxD-04zQXM_U17KFrm1SOP96k2vhgrrnuuIL1Vp8oLjgHnmxR0ryuZ35zQgto-KxxqsuF9ShZfuG3A
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 175ms
20ms Preflight 18.195.227.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.227.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-227-5.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.fox13now.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Wed, 14 Sep 2022 01:19:40 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 6d6d25e3-5be4-444b-82ae-a8f0bb892234.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 78A4 96 KB
24 KB 33ms
33ms Script
application/javascript 2600:9000:219c:2000:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:2000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b96e6beab93cd979f18edcb11b5b9c620f4cf74e43aa3a2b0406cdbb4739c676

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: 9wKw90O6OLYQVSQjAP8lq5XcV5Wycjaq
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 18:53:52 GMT
server: AmazonS3
age: 4906
etag: W/"1b3451aff703aa6bf4280ce6308cc11c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f46632dd252c85fed57bcf18d61d8544.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Tue, 13 Sep 2022 23:58:36 GMT
x-amz-cf-pop: CDG3-C2
x-amz-cf-id: 7tDIs-wkHFZZYisnZGFY30thZkQQTMAoQkuXcwDu7VmBlULHI5vMgg==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 78A4 0
0 61ms
60ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwGXz4ZI7M4cgcJms8sHdnxMDCyyd54ULpKZv06ClE__kRi1mpOhByi4dKTYp1plPwM1o_LPl_yFMOJjIqYpqm40WsjueFbXJ1u43k3Q_EbgYWRM5jLFX8VIxAPSdByJ0A7COhXkBWE6BJXULLVuU5P0a8s4H9A7Mani-JOg9u6LwknALB4V3zjkEsJTk6rKYtFnCRqcqdkmfASwPvEq5uGo89OMT5AxylGRQBQgI9TDx4M5pvgkqx6P5H72N464-8kgCux_9qQItyXuxDsXSXokLpKdsz12Koq6epegrUDk4o8CbmJrkH6q5F8d88VRhXKjVEcGRdW3JzzuIw987Q0A&sai=AMfl-YQgxLUin96Of3QpE4yDzkrME6T6DKwsQMHrew2IMxgKakPlnmz-LKAq9G0ZhKCcBZAOUklE1b5naemnPVG7_OUW0gSXz2y5dg9Kv0f9ftQgk8XtDRVIomntxOAjJ0aJ0w&sig=Cg0ArKJSzGupQEOIdNNBEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Sep 2022 01:19:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 14 Sep 2022 01:19:40 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 78A4 3 KB
1 KB 71ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 00:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 00:45:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 78A4 142 KB
44 KB 112ms
59ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44876
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662981969255015"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 01:19:40 GMT

GET
H2 200 4424216533791905186
tpc.googlesyndication.com/simgad/ Frame 78A4 128 KB
129 KB 81ms
41ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4424216533791905186

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

318105032b521ca177fd1918c5f40e00315f3b6498bd320c3c62021aaa368c51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 14:31:39 GMT
x-content-type-options: nosniff
age: 470881
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131557
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 13:34:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 08 Sep 2023 14:31:39 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 78A4 0
0 62ms
28ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSvmIQGy3rZcx85SyM8IAw1c_oB3JC6AU1Zus4AKGrNQJl6dhGdJirKkZvNHmwJzcOb_tpLvVRTgZlCni_vcxVEyJtikQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

POST
H2 202 event Show response
prebid-a.rubiconproject.com/ 61 B
225 B 20ms
20ms XHR
application/json 18.195.227.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.227.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-227-5.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 14 Sep 2022 01:19:40 GMT
content-length: 61
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json

GET
DATA 200
OK truncated
/ Frame A2D0 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d28a5de7127d50b0a74772b8d88538fc16a13897c6c5f19ff61a6830763b12fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 78A4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff0082686f208dfb9abf8f7223c17915003bd817693b474e9f6aa73d6440cfcb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 202 6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame A2D0 0
488 B 286ms
243ms Image
text/plain 2606:4700:3032::ac43:cb69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=774077
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HY4Urf%2FdHAE2%2BOkWyzijiPTNSlTwe6uRI2a3NvyOCNqMI6K4E4k3Y1I4H9a55iQTip4LKg%2BcJNriLMW1YNeA1%2FWBq65TMgKeI9Vsi%2FEI2vmQKtCeX6d%2FjwgzpPdGlC6mPuOt6faaBotLX6531rxgQ16lZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 74a54bb79c749226-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: FxSVWxkvKTW1lBwAH1sx

GET
BLOB 200
OK 6ebf1856-ea4d-405d-a8c8-d3f865a06260
https://www.fox13now.com/ Frame A2D0 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.fox13now.com/6ebf1856-ea4d-405d-a8c8-d3f865a06260
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
H3 202 6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame 78A4 0
527 B 269ms
243ms Image
text/plain 2606:4700:3032::ac43:cb69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=618272
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FaQRM16BYhsDGlGVuaaf7nqVPVwlC2oxSAG9ghXjR63OVWnGVRwps%2BGBNky5USNBP0iWB11dCrphHT8MtcYx5tT5%2Bjy0PdDPZNUxOM%2FnxQSrYGC9bVfoSw2%2FAgUl9e9pTgbzvo5a51d%2FYvWW4JsE%2BqCYLw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 74a54bb79c759226-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: FxSVWxkeKdiQBV8AEmFx

GET
BLOB 200
OK e24b0526-c5b3-41b3-811f-76a9b9da572d
https://www.fox13now.com/ Frame 78A4 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.fox13now.com/e24b0526-c5b3-41b3-811f-76a9b9da572d
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A2D0 0
0 58ms
57ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmXDlazzcKMVSnTHHE3ZKNGjl0K6i1aWB70wga_3j_44CFwNseEfwtQ5SDPzSxGIaNMg4VRER0QSB-Zo681aICR-1mglufC9pWOs156Npciw9vqg2BPw-JIJMyVrlRRcVCdaG-lInB88BfPknmFsWyVQ93TpACQGSVDzsrh8LY3PiJWRTAMp05xfX2q2t2dNcwGKh1xH6-ZM0S1Gm2ZI4DLWGEXHAL_fOCIzAtjPwiBG89Qq2nnyv1xOE4-PJbCu7WvTjoEeFNnWKRM29x60rCs0rzX9X21eq9jlkVdpsaX7crQ2eU0e_2BOJ_kcEFiM9FWvc6zKFMW7pSX0T4lYoDbjTW&sai=AMfl-YTIkA0ykag3WhSNp5e8ZmKzC0bjW0DgZ5JeXMUGlC9w72f22X638MMt-0HCQq9G9DUOUNHIEnSZpSTv771Tl6j005XsWlhfYMemUkvdGM-T1_Z2TFyCdIGDO6UdMBEcmg&sig=Cg0ArKJSzHwDXKU1c5SGEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Sep 2022 01:19:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 14 Sep 2022 01:19:40 GMT

GET
H3 200 container.html Show response
af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F9D4 6 KB
3 KB 66ms
21ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 01:19:40 GMT
expires: Thu, 14 Sep 2023 01:19:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 19ms
19ms Preflight 18.195.227.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.227.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-227-5.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.fox13now.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Wed, 14 Sep 2022 01:19:40 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 6d6d25e3-5be4-444b-82ae-a8f0bb892234.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame F051 96 KB
24 KB 32ms
32ms Script
application/javascript 2600:9000:219c:2000:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:2000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b96e6beab93cd979f18edcb11b5b9c620f4cf74e43aa3a2b0406cdbb4739c676

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: 9wKw90O6OLYQVSQjAP8lq5XcV5Wycjaq
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 18:53:52 GMT
server: AmazonS3
age: 4906
etag: W/"1b3451aff703aa6bf4280ce6308cc11c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f46632dd252c85fed57bcf18d61d8544.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Tue, 13 Sep 2022 23:58:36 GMT
x-amz-cf-pop: CDG3-C2
x-amz-cf-id: uQ6RPmE2EtQZUmBL87u3zs0csxhtGvJJr-IH2V2lSuT0MvGWjJTShQ==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F051 0
0 60ms
59ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucl6au271PbEnsDRLo4WTHOQarayvarWUtkrxg1CCE2Ixg8gB2si3U5XaVHlKXZAOOimhg5EXYcjJodtunA4Vq9IYBWeo5LVRGcyVKU6RXeeli3a9SnSjITfZg7Z4a7ISa-TsrByLU53cdyGeOALEn1-Sv_5hxcC0fzODlLaCz7bMXRTy5DDB1uwLlfNLVDtJGWLb-UM01T8gLQA9UN1FdrTNMlzP08NSsEvA_PdwhPXD_dALAIlr_M6zL1oD9HqA2YiKvfG5TPaOLGwkH1Om9EnyyDkjVcqztA4XCfurpj2vpO-pbBoUQ4blJ7f5U-z23wIyPHNZYtG687kCce9GvYg&sai=AMfl-YR3bF7dVRpFHvA0OxcREK1SPxxbofTf2idwOg0lzXzrg_rS3E3YaaMGgzbQT9JD8getAuf2c7o0EE8Mg_J-ErN0t-PEakEFMlFRFV0jj6gyiGVyhFGgyYZuE_vSk7mFB-M&sig=Cg0ArKJSzB3-Y0wi4IgfEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Sep 2022 01:19:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame F051 3 KB
1 KB 67ms
21ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 00:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 00:45:34 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F051 142 KB
44 KB 72ms
29ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44876
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662981969255015"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 01:19:40 GMT

GET
H3 200 4287060150225453424
tpc.googlesyndication.com/simgad/ Frame F051 46 KB
46 KB 68ms
23ms Image
image/gif 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4287060150225453424

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b1e44312a8b4071b282b59ebf5ece75b2178019f0a123669e8f01c9b65b1ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 10:37:11 GMT
x-content-type-options: nosniff
age: 484949
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47234
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 13:34:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 08 Sep 2023 10:37:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F051 0
0 27ms
27ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRMkkNJhL-lJ_8hQqvXIGFJm9oG1NET9tSU7QOrBb5eXmmJXR3LZXf02qWUDSG2bRkecRCWR2fO8pLuM27OYZIHFiQZGQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

POST
H2 202 event Show response
prebid-a.rubiconproject.com/ 61 B
225 B 20ms
20ms XHR
application/json 18.195.227.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.227.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-227-5.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 14 Sep 2022 01:19:40 GMT
content-length: 61
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 78A4 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9gvZy4JEqv23ZkJs32veiuAKN8KzMT1K7Max4Z5KfxHl4gMbqMjIiKxq5TxaJkoALVK0EmtYAcA3KdolRxXknNQ3G0IZ0Qk3LxQrO5wudN6NuINlCcRVXnRU5EVUZ2W1fTwx_0DDzwJvQOsl59HZQQhr0J_VeMpgCAG99JtznQOF5tIargBPUdRbSXyqyb32KcqOOnLSJJCJbbIZ39iyyntAXWz2lEUq9iz1AdGtHXOIhz7kKP-tvA6LVnnUercHUuclqT0DCeWvS0xKsCBUQDKvje6PIQGbQMq-YwbYe8M5kjDoJD0iKKqk6HYafw_Go6AmxwEJbyaqju-oeAh21nrf9&sai=AMfl-YTee4La6oRzV4ec4ObtWibYvVeUVZn80RVBk7-18LuyisCipilK5dGwsuWT3ik66ssit7xD4i95bXmmR9pbC4ZEog2OUQ_hCP7J96wvl1FLrDXt5V9rTcgyqWMU-61iSw&sig=Cg0ArKJSzKsIQnUeWWL-EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Sep 2022 01:19:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 14 Sep 2022 01:19:40 GMT

GET
DATA 200
OK truncated
/ Frame F051 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afd7b328d517be9b39cc18660e259606627f434e856e584f8d004a5c9ff5a78b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 202 6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame F051 0
485 B 234ms
233ms Image
text/plain 2606:4700:3032::ac43:cb69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=907127
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=glPeQQqQfL9rm2cLYoOtsfZdhl5fF5TlOQhCJPIPVsPWLKZQbwqzuSBLf2n5wj2lOETqFazq4FcDl2oAMb6kYMP7n0t%2FCvC5lCF9VFEoRV%2Fe2EL35iXQF0ASUhMvMuCSFZhPsDbG%2BQRvLVewsd6GRVEeKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 74a54bb86cd59226-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: FxSVWyB012qcT9cBxtrx

GET
BLOB 200
OK 7dde2b4b-e646-4faf-a5a9-eee7754e1467
https://www.fox13now.com/ Frame F051 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.fox13now.com/7dde2b4b-e646-4faf-a5a9-eee7754e1467
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
H2 200 6d6d25e3-5be4-444b-82ae-a8f0bb892234.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame F9D4 96 KB
24 KB 33ms
32ms Script
application/javascript 2600:9000:219c:2000:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by: Host: af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com
URL: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:2000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b96e6beab93cd979f18edcb11b5b9c620f4cf74e43aa3a2b0406cdbb4739c676

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: 9wKw90O6OLYQVSQjAP8lq5XcV5Wycjaq
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 18:53:52 GMT
server: AmazonS3
age: 4906
etag: W/"1b3451aff703aa6bf4280ce6308cc11c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f46632dd252c85fed57bcf18d61d8544.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Tue, 13 Sep 2022 23:58:36 GMT
x-amz-cf-pop: CDG3-C2
x-amz-cf-id: nUFCnl0ROCwVtcMkjccHlZd3rHHeoV4QRM0WABuAwgB9m-KAxPm3pA==

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3BF0 624 B
838 B 81ms
32ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COm_ExDK3oEBGMro29IBMAE&v=APEucNUlumLnTGb6AS5mObFYbJERB-tWpll734_UJ2YmD65zSCwkvQJ-T-X1qc1wmeIyNZLhQOh3OKE4gUnubaWQkjiIrUxH1v6xaTI8bKpLp1EJ6N4l8lYZcQwy4eZ_-6QA_xQpDuPHTJ3O7dSuTkxdwl7l7MMoWuLXD2wnCw9pFukEowhv33k

Requested by

Host: af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com
URL: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 01:19:40 GMT
expires: Wed, 14 Sep 2022 01:19:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F9D4 78 KB
33 KB 109ms
60ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DcBJoA5Va3muXjGPWocLpYtCmmr6DVIphzWNM0OpPoR-EeGzwRp5g6s7qk3xzt8Nlf7yGyjGdkTVlPod3_YrnTUufMqA&cry=1&dbm_d=AKAmf-DUWt2cHQbWEtTiM1ZdnQ87q653wAFh4C57rDl2wG-kFzGCprmb-V_BCsJU9DZA7XCLdhQvd_ypSSvj7caeOkGozS6jbKTmUfBoQQ7T_bKgGkId-SyqzkabvM_FZ-cegm6iCoHcgNDpFWhlr0-QYAvFYDOl8aM2r4rVvbLv48nN_qysCPj2Lb1lCZt0ReDcdrs7_SiaxnRHNogDtmMARrbNtQE_gjB5PTyhoPuYWmN5YiEmc5Hlu9R4YUfJIgpVLbhmO5t5F3TYCZFFaJ_rVJBEuYby735U9Meg7pTrm0COG8R6LdPb0x-4d8kkUVobPwhmcTLs9tcyXK7ZsPOlcTJLKdE5743mYS0dyYJXmdgh_1Gmak71mthwLupZBxnYdeFDM6p7S_UirsShjSJz_IGGUZPGa87vvB7ZAfzWvMsmdw2-eIGgZu8Qaby_DE64R8hw_sJ14H0pea1Y0h1FtLnHwfGhpDLYH_lnDT5B9RTNwe6Y224DlH6fIkxUJNTkunjaAINuamBO6By95rFIkQcKqCiR0UZQENXusbSLviKLUGTJcFDFzvFJ0-1GIHNSTwyihfzNmOzjg1UtfaYEV8lrcHemg2uXcB36fOXyYgUWY9zKvwYn3ULzMiAyL5So335KJTkl_I2JSv-bkCno6ULidj7BEDeVRM2kkUnzG9C6e_frgse7XJZh1t4NhYJxEVdy6G5HtvFkYmL4ce3CX2pqkGNc3tljvldkcYQhJ2aII_IWw-JGHlhiSaBS0U8OIvuj913Quw3PSTCFeyTWg95SZhp4iGPSZfBk3DO0yd9frOYImE9XIucuZzNlqhsuuXxNeb-l0WwwPpH0bIikjunMh5PG2pYzMbP6ckuompYv3US3oVAJgatDhenX5S5rBX4iPbXgWDOJBgl8qxRAIwGPQpPVcSygE8azy4XmC1EgaSw0VMLuf1QnGx2WgS1VeKYNsyhf-W_F7CPAEY-R5eW9oyUsRl7jtmY3DU60oR9k3CTT7h6Yg9DR_V9jNrw0L6ZQu31r_GT8p2xC3SmZDI831b3t4rFT_IYcSAjT31Ur71vvbh_OpGJWYhWqT4CPtoUHjRJrN3U0MhJYHrQC59Z47ebzFqZjCZI9knYt0YnJhktMvSKQHCsNdmHPImIj4XunRlNhgZjjut0Pn1ysFrHKIY-cRFJQfwHCVSA0oRN3M_3ESAGa_9TXSf1r9auwOF0b4V9p9rpZhEsMP0LCucljktwzrx7XBTuHcVCnwI0oV82-mdE5-6E2nOuZwrVqoSD4IrQENU-ocjuEcms0WoCk1KEvVlwfsEzERz4WxkW4ObLqVkT0LAFRdRRMxfRRKGvoMO63akDoIlHfd7KtyyxZF-DI0AXQ9d-yWP63cg95p-NYetGkmfpu96F_2wbESCtpTzoP1Bix9FDzUtbQogrmvKEl4TupLVpatdbNvnt-NkKO092dMQKIRCP5-LtxPIkL_7vLq2ACY3MolbiiAKScKGQlCNNbEWbXta9ftxmXDS06XwCzJx6wI_6oAcPUmm-bzeke2KvRmfS__QHRCV6nH7svUjxId5bhRAn-qsGznr_r_gz2SV3qyB0QwlKVv5s5g_eky37BIH0JwHD8AOzEH1iHwu4yMRNL1oynwWhtjq51jePI_HB2th_iNjSxlvpkoQPXiGVk_WKDh0DAtZmufuyqr7ZGhrrxa1_AXKCfNLnNTmUFxuLt6Ok27VMxITCty0GdrJSlRbO6NXc8NBvCVHexQtpN9s-vL86RgQC9Gb3wOQrMpa2X37LOAIrT-VVZBmTUP9g061hH5_6OZh8DJYWdO3onsbVOcCecsnRa2aNmi6bOxC_urHH026jtNQ5lycH9FAueUVbqr5sJrT-KQ0PuAmBMPPJc6kMg6dMs5lKHW6GERzQjknY-FAQTNNquSN3Nw02zH0lqEk4JpJg7NV73QWU1xbTWwq3h68GivSJllOz-GNeIdpcF_DdBpv69D8RO0wM-18o5eVTVsqxEAP4PGc-5QTCSBrH__6cjw3RLWoCj9oYC48DCm0o197hPGMcisKypvXjk5CQEnKBHTfLSiCR0ptA3_vlqudHAHJCYg2UK2WqSvzX5fhUJVrRwuNRJvgzHYVAfjtuIV6Bv5sHxfHqbUpmRbbFeTr44xvFQLFQkyb5tZYYETqQD8Q27qE7R77zzzzOdGSX_zj2mAfy6GtkREgGPVrfgcDxCGxurePERA3FFY1mpRk4kD9kIvaXDkZXcMjHWQyltJN6hX9b19efe2BcJ4_dTi6Mizc_jxJcy7L_NqSleBsok84hTriHPrk-NgDrHBAKmZjclpqIHlRLXfFUZQcaFSFfUolsbEj_bHIsEZpBOIvAQm2vRq7ouy4HkmU2Fe_FA_MhsRazyzlvn2qCaSZRh8pr-ARg7Xh7vHL9akyv0GnRrRG8PPicwFpuE_-kH47L0GQvAmgU_5gO4IreEGNQIdZ4NueEAFDWLl5uQ6sojiG8lNqXyk9pVWCiVUVpBB7T_97iCqV3wKBWP8onuWmLC5UTUfNAx6Epj_kDO__oq3itMxZBqL8NxHWO2UQbXQUpiiS4-AQHn1TEV21VSLIwjP0Yp_NmFrpa4iJQgMZDQrk-w4c53WTPDX5ko536p69IbKnBjEQG3Ow2M9TiSehCfmNngqpAf5n-5akAX_H7LQgUUlZfSOk_S8dEnUndK6Faja5p_sTe-nNLHC6WYbHQYZFETm7JAfncQbfAJgbm8Mhu26jw8mNAvRhmKTf5C9F7oP_LEgNrmcGAztu6lfw7gqVyZqbQBOlkJ7yQXJBF6scDghtW2diqIu-gC9Jmiz7ipoerrcGZUai7jYVo3CT4r2-xoV1jB7i0MThdz5j6tiJ1F9dFx7pYejFL4R1eOlqT4bpfUwFPGR8XPAKW7jjSnoGRzlkEjVF2CiMWcQwGxZ8BKPgcE5ZPCx-SqUVXJUV48r4h9X0-AY6Hc6wr_2a7OJY3TURsUO_p8NsmauvmrNYoxVarB0NUg8IuqxY_O6SxqGrPY1P5Vuv3M4iTcXWXEnLYWX9hJXJzltl52H2Swm_wWQ_88DW-wpHMb9NBwS84q8Ew7v8St0nv-FOXZVce95Oz1PBS_-aLjv4VC-3jHqF3jdATd2k12DS5aY_RJ7dpUyfoN9oVu6J8A6rYB5t342IXUb6D0dIeD5_yYjQC1g7WQqTfA-yvXMOMCxCaEFD-umLOZz-vhFB62VUjLvnqb9-7FVG0E_wA&cid=CAASKORo-ayuDujRI2pV7FIA3nIJL8q4NGp-7IRt7IQq7DQcwZe_ukfUzFw&rfl=1%2Chttps%253A%252F%252Fwww.fox13now.com%252F%240

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

422c1920cfc0939b1efdecd0d308ddc0a33127c043abab9eaa35d198a95753b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 01:19:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33793
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F9D4 42 B
494 B 118ms
55ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CK2w4Vy0xO7MDmG83EYCKrcRSO9Zy3hmVOzvlYbwby2UIU5Fv9wu_Ee2AWs7atw8tCTEmOao9ptz10aYwONR7RpymRwUxIoA0PAoT4uPXWr3Tvy8c

Requested by

Host: af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com
URL: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 01:19:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame F9D4 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js

Requested by

Host: af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com
URL: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 00:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 00:45:34 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame F9D4 17 KB
7 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com
URL: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 00:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7572
x-xss-protection: 0
server: cafe
etag: 3190241002381566568
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 00:45:42 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F9D4 0
0 28ms
27ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQh0c3_P6tjf4_8oMcCjTFa4OYdcNAbWHgIeMksYJVBfQWW3qBCD288iFkRGXnYN_2-5zMwQFlYdWLh6ogSJ5O6mkgnwg
Requested by: Host: af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com
URL: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F9D4 142 KB
44 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com
URL: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44876
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662981969255015"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 01:19:40 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F051 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRelm3q9sMziXSD2lOKOvaJTYOmj27Gzgqv6xmJzDGdtMJxIF5OVFio1S8eKdNFBsXFrXkLce8FsozFhJdVDYL-9nW-sYHipT_J5Di7i8in8awla3Xk5rpZR5SlR-TH6d2VVfED-u4QZN1wb1YNMdOA3JcTceDQz5Yptw7mMFrkOZg6CEN9UqyL2jhMMGoTeNbEXUOlT1iK2kPinOt3Jw4KpJber1ZynQhe3vR7Hv8i0W3gb7v4kKH2M7d-jAuwzIGqkd6ojrzR6Ggni85sfwMlR96to32fs2sMJAiI9YkMCobimOwtQnzDp1yethLK024ULy7wux9D9MCBT3oZ8DAlQdX&sai=AMfl-YQwv25yisrFuSMymBshPD5i41vBud5-k5ov23wPpasBiGe0BjxTEF_tVsByygt4kG-n7dUN8OEvOmuvHdi6j9UQJ5LD0xnhmDlgSB_Wwuy6ArgVZBH-LrCtv3kCRkjaowI&sig=Cg0ArKJSzMkLT35umdRkEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Sep 2022 01:19:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 14 Sep 2022 01:19:40 GMT

GET
H3 202 6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame F9D4 0
487 B 234ms
234ms Image
text/plain 2606:4700:3032::ac43:cb69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=212002
Requested by: Host: af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com
URL: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gKx8mFOEmDgXk2qVeXlsabtHImGgTvVH6KKO2i4Xym%2FuO9ERoVhbIxLZtDanC3fGJSQjoC3IHi%2FK7j8hcB8e%2Focm1u0d%2BUQwh6WRS%2FsWIJdFMjqU1DfTFNV03uhN2NkfiNVV4kBqUTiQcT8sCs2i7o4D8w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 74a54bb8dd019226-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: FxSVWyUMENxKwpsAywAR

GET
BLOB 200
OK 1e1801cf-c4a0-49cb-9027-86936abd56be
https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/ Frame F9D4 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/1e1801cf-c4a0-49cb-9027-86936abd56be
Requested by: Host: af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com
URL: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3BF0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJrY8g0CUJOkelGYnzxmOeU&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJrY8g0CUJOkelGYnzxmOeU&google_cver=1&C=1

43 B
840 B

41ms
41ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJrY8g0CUJOkelGYnzxmOeU&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COm_ExDK3oEBGMro29IBMAE&v=APEucNUlumLnTGb6AS5mObFYbJERB-tWpll734_UJ2YmD65zSCwkvQJ-T-X1qc1wmeIyNZLhQOh3OKE4gUnubaWQkjiIrUxH1v6xaTI8bKpLp1EJ6N4l8lYZcQwy4eZ_-6QA_xQpDuPHTJ3O7dSuTkxdwl7l7MMoWuLXD2wnCw9pFukEowhv33k
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 74a54bba28fb9b76-FRA
pragma: no-cache
date: Wed, 14 Sep 2022 01:19:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JVfECpSowwue8bqUDaxQOdZsiCO2cu6BAr63AiuWrEgFRthHpKdQC0vpa6FKGWqsZnnlVotQq4eUmaJI36IaxBDmEfeQezjeYBKR3B%2FxE8iiKIpTgFuLQCgCIRbyJZOkR2mDmMYuYOUN6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 14 Sep 2022 01:19:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bx%2FSTABC57BDmU13ku2GmCmmQi1SJDPbss%2Bx8YlRxeW2N9BkRkRmFe5xpQyh1ZlVy4QbZHH2Qfr9lx6ks8Fc%2F%2F2ROI9VnOFgfrLaCtMLKWLwlFOpMIiphDGao%2B4eeyu5FFQcmca%2FqdmS7g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEJrY8g0CUJOkelGYnzxmOeU&google_cver=1&C=1
cache-control: no-cache
cf-ray: 74a54bb9e8db9b76-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3BF0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyEsLVTIlMME56D.BkLj4gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJrY8g0CUJOkelGYnzxmOeU&google_cver=1&google_hm=2

43 B
841 B

41ms
41ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJrY8g0CUJOkelGYnzxmOeU&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COm_ExDK3oEBGMro29IBMAE&v=APEucNUlumLnTGb6AS5mObFYbJERB-tWpll734_UJ2YmD65zSCwkvQJ-T-X1qc1wmeIyNZLhQOh3OKE4gUnubaWQkjiIrUxH1v6xaTI8bKpLp1EJ6N4l8lYZcQwy4eZ_-6QA_xQpDuPHTJ3O7dSuTkxdwl7l7MMoWuLXD2wnCw9pFukEowhv33k
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 74a54bbaa9469b76-FRA
pragma: no-cache
date: Wed, 14 Sep 2022 01:19:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dDNeKrOP3E03mH%2FDtqkcfT0aVEg%2Bz5d9sYHWLKRpBxnyzNRWMtMmMXNE5LfVtasf4zb7mdil2SUGYfCTiaAgBwQimIcfzggWwMzNx60vZsSfNO3Qp6ukxW72GiN7fMZBhQgAjcDGSXujCg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 14 Sep 2022 01:19:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJrY8g0CUJOkelGYnzxmOeU&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3BF0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEN4niFDDj85Ot9eVyhu1WYA&google_cver=1

43 B
1020 B

23ms
22ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEN4niFDDj85Ot9eVyhu1WYA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COm_ExDK3oEBGMro29IBMAE&v=APEucNUlumLnTGb6AS5mObFYbJERB-tWpll734_UJ2YmD65zSCwkvQJ-T-X1qc1wmeIyNZLhQOh3OKE4gUnubaWQkjiIrUxH1v6xaTI8bKpLp1EJ6N4l8lYZcQwy4eZ_-6QA_xQpDuPHTJ3O7dSuTkxdwl7l7MMoWuLXD2wnCw9pFukEowhv33k

Protocol

HTTP/1.1

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 01:19:41 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 002d3e86-f588-488d-b9b5-3b2799bdb31e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Sep 2022 01:19:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEN4niFDDj85Ot9eVyhu1WYA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3BF0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk2NjA2MjE0MDY4NTU3OTczOA%3D%3D

170 B
243 B

68ms
30ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk2NjA2MjE0MDY4NTU3OTczOA%3D%3D

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 01:19:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 14 Sep 2022 01:19:40 GMT
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2f73624d-9543-4410-bb07-783115764917
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk2NjA2MjE0MDY4NTU3OTczOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 imp.gif
flint.defybrick.com/tracker/ 43 B
102 B 108ms
108ms Image
image/gif 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e00136cedc634e244829d9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163343714593d75062f578aee6d7e3474fbd498cbd38e820d861cc5682002aa77c05ff1e10577ac85b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82c1d08f77f6aa999117aefd8f964ec57a917f0dd07c74cccd17cc22a2984db7299779ac0bea5dcb9b01d7cff2de5bbfd7d0730be806b95e116b5414603d40c5dd486829f81b2c527df21d6deedc85ec54d5814aa5f0ddb95c54e7682ba70aa5be0931fc127a92a101805c862ec578891fe78efd5689c1ba7c19ccc7780191c2de84b011f7a446494fd6fb95098cd8a2be89262e88161d48fe8fd73c0bce04a773388e2504ad0ba055909e4ebad23e06bc2b441abbf33e525e664880293459eb535c70778b2b3ca3f7c2227567b57184fb8fd9e388710bd4452516bade50c80c60a06fda4cdf8e07ec886e7e09bf9adf6574c3efd5b85b5507280466d07ca655d7070eb7daf7205dfe8c767967dd4238bb731cbb80ff4671d7232086e67e9d2f8c96e695f9b0457d082cbb1b4d64146cbf2fb28d4bc2c3e86964b623eeb9b9d1464e23b971cdf08e93fd6&cb=1663118381006&cri=KlqkD76atM
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 01:19:41 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-length: 43
content-type: image/gif

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame F9D4 106 KB
37 KB 61ms
20ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/
Origin: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 13:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41832
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Sep 2022 13:42:29 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/elements/html/ Frame F9D4 8 KB
3 KB 66ms
24ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DcBJoA5Va3muXjGPWocLpYtCmmr6DVIphzWNM0OpPoR-EeGzwRp5g6s7qk3xzt8Nlf7yGyjGdkTVlPod3_YrnTUufMqA&cry=1&dbm_d=AKAmf-DUWt2cHQbWEtTiM1ZdnQ87q653wAFh4C57rDl2wG-kFzGCprmb-V_BCsJU9DZA7XCLdhQvd_ypSSvj7caeOkGozS6jbKTmUfBoQQ7T_bKgGkId-SyqzkabvM_FZ-cegm6iCoHcgNDpFWhlr0-QYAvFYDOl8aM2r4rVvbLv48nN_qysCPj2Lb1lCZt0ReDcdrs7_SiaxnRHNogDtmMARrbNtQE_gjB5PTyhoPuYWmN5YiEmc5Hlu9R4YUfJIgpVLbhmO5t5F3TYCZFFaJ_rVJBEuYby735U9Meg7pTrm0COG8R6LdPb0x-4d8kkUVobPwhmcTLs9tcyXK7ZsPOlcTJLKdE5743mYS0dyYJXmdgh_1Gmak71mthwLupZBxnYdeFDM6p7S_UirsShjSJz_IGGUZPGa87vvB7ZAfzWvMsmdw2-eIGgZu8Qaby_DE64R8hw_sJ14H0pea1Y0h1FtLnHwfGhpDLYH_lnDT5B9RTNwe6Y224DlH6fIkxUJNTkunjaAINuamBO6By95rFIkQcKqCiR0UZQENXusbSLviKLUGTJcFDFzvFJ0-1GIHNSTwyihfzNmOzjg1UtfaYEV8lrcHemg2uXcB36fOXyYgUWY9zKvwYn3ULzMiAyL5So335KJTkl_I2JSv-bkCno6ULidj7BEDeVRM2kkUnzG9C6e_frgse7XJZh1t4NhYJxEVdy6G5HtvFkYmL4ce3CX2pqkGNc3tljvldkcYQhJ2aII_IWw-JGHlhiSaBS0U8OIvuj913Quw3PSTCFeyTWg95SZhp4iGPSZfBk3DO0yd9frOYImE9XIucuZzNlqhsuuXxNeb-l0WwwPpH0bIikjunMh5PG2pYzMbP6ckuompYv3US3oVAJgatDhenX5S5rBX4iPbXgWDOJBgl8qxRAIwGPQpPVcSygE8azy4XmC1EgaSw0VMLuf1QnGx2WgS1VeKYNsyhf-W_F7CPAEY-R5eW9oyUsRl7jtmY3DU60oR9k3CTT7h6Yg9DR_V9jNrw0L6ZQu31r_GT8p2xC3SmZDI831b3t4rFT_IYcSAjT31Ur71vvbh_OpGJWYhWqT4CPtoUHjRJrN3U0MhJYHrQC59Z47ebzFqZjCZI9knYt0YnJhktMvSKQHCsNdmHPImIj4XunRlNhgZjjut0Pn1ysFrHKIY-cRFJQfwHCVSA0oRN3M_3ESAGa_9TXSf1r9auwOF0b4V9p9rpZhEsMP0LCucljktwzrx7XBTuHcVCnwI0oV82-mdE5-6E2nOuZwrVqoSD4IrQENU-ocjuEcms0WoCk1KEvVlwfsEzERz4WxkW4ObLqVkT0LAFRdRRMxfRRKGvoMO63akDoIlHfd7KtyyxZF-DI0AXQ9d-yWP63cg95p-NYetGkmfpu96F_2wbESCtpTzoP1Bix9FDzUtbQogrmvKEl4TupLVpatdbNvnt-NkKO092dMQKIRCP5-LtxPIkL_7vLq2ACY3MolbiiAKScKGQlCNNbEWbXta9ftxmXDS06XwCzJx6wI_6oAcPUmm-bzeke2KvRmfS__QHRCV6nH7svUjxId5bhRAn-qsGznr_r_gz2SV3qyB0QwlKVv5s5g_eky37BIH0JwHD8AOzEH1iHwu4yMRNL1oynwWhtjq51jePI_HB2th_iNjSxlvpkoQPXiGVk_WKDh0DAtZmufuyqr7ZGhrrxa1_AXKCfNLnNTmUFxuLt6Ok27VMxITCty0GdrJSlRbO6NXc8NBvCVHexQtpN9s-vL86RgQC9Gb3wOQrMpa2X37LOAIrT-VVZBmTUP9g061hH5_6OZh8DJYWdO3onsbVOcCecsnRa2aNmi6bOxC_urHH026jtNQ5lycH9FAueUVbqr5sJrT-KQ0PuAmBMPPJc6kMg6dMs5lKHW6GERzQjknY-FAQTNNquSN3Nw02zH0lqEk4JpJg7NV73QWU1xbTWwq3h68GivSJllOz-GNeIdpcF_DdBpv69D8RO0wM-18o5eVTVsqxEAP4PGc-5QTCSBrH__6cjw3RLWoCj9oYC48DCm0o197hPGMcisKypvXjk5CQEnKBHTfLSiCR0ptA3_vlqudHAHJCYg2UK2WqSvzX5fhUJVrRwuNRJvgzHYVAfjtuIV6Bv5sHxfHqbUpmRbbFeTr44xvFQLFQkyb5tZYYETqQD8Q27qE7R77zzzzOdGSX_zj2mAfy6GtkREgGPVrfgcDxCGxurePERA3FFY1mpRk4kD9kIvaXDkZXcMjHWQyltJN6hX9b19efe2BcJ4_dTi6Mizc_jxJcy7L_NqSleBsok84hTriHPrk-NgDrHBAKmZjclpqIHlRLXfFUZQcaFSFfUolsbEj_bHIsEZpBOIvAQm2vRq7ouy4HkmU2Fe_FA_MhsRazyzlvn2qCaSZRh8pr-ARg7Xh7vHL9akyv0GnRrRG8PPicwFpuE_-kH47L0GQvAmgU_5gO4IreEGNQIdZ4NueEAFDWLl5uQ6sojiG8lNqXyk9pVWCiVUVpBB7T_97iCqV3wKBWP8onuWmLC5UTUfNAx6Epj_kDO__oq3itMxZBqL8NxHWO2UQbXQUpiiS4-AQHn1TEV21VSLIwjP0Yp_NmFrpa4iJQgMZDQrk-w4c53WTPDX5ko536p69IbKnBjEQG3Ow2M9TiSehCfmNngqpAf5n-5akAX_H7LQgUUlZfSOk_S8dEnUndK6Faja5p_sTe-nNLHC6WYbHQYZFETm7JAfncQbfAJgbm8Mhu26jw8mNAvRhmKTf5C9F7oP_LEgNrmcGAztu6lfw7gqVyZqbQBOlkJ7yQXJBF6scDghtW2diqIu-gC9Jmiz7ipoerrcGZUai7jYVo3CT4r2-xoV1jB7i0MThdz5j6tiJ1F9dFx7pYejFL4R1eOlqT4bpfUwFPGR8XPAKW7jjSnoGRzlkEjVF2CiMWcQwGxZ8BKPgcE5ZPCx-SqUVXJUV48r4h9X0-AY6Hc6wr_2a7OJY3TURsUO_p8NsmauvmrNYoxVarB0NUg8IuqxY_O6SxqGrPY1P5Vuv3M4iTcXWXEnLYWX9hJXJzltl52H2Swm_wWQ_88DW-wpHMb9NBwS84q8Ew7v8St0nv-FOXZVce95Oz1PBS_-aLjv4VC-3jHqF3jdATd2k12DS5aY_RJ7dpUyfoN9oVu6J8A6rYB5t342IXUb6D0dIeD5_yYjQC1g7WQqTfA-yvXMOMCxCaEFD-umLOZz-vhFB62VUjLvnqb9-7FVG0E_wA&cid=CAASKORo-ayuDujRI2pV7FIA3nIJL8q4NGp-7IRt7IQq7DQcwZe_ukfUzFw&rfl=1%2Chttps%253A%252F%252Fwww.fox13now.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 00:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 00:21:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/ Frame F9D4 30 KB
11 KB 58ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4831f38d5033e932ef3b079d240c86ffa99b3efa45e5f2a14ed3d1f4d1c3b3be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 835
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11716
x-xss-protection: 0
server: cafe
etag: 11026421231030424798
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 01:05:46 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F9D4 41 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com
URL: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 07:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64014
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 07:32:47 GMT

GET
DATA 200
OK truncated
/ Frame F9D4 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eecdb842e85b2b64a11e9aacd893a3d1a49135117dd693df5218e429df62576b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 728x90.html Show response
s0.2mdn.net/sadbundle/2659564807390457485/ Frame 9D02 6 KB
2 KB 65ms
22ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2659564807390457485/728x90.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f24c527341729667fb4a253280f2c5c4c647ad3fce508f91470f18e3a54cec38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 141066
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2322
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 10:08:35 GMT
expires: Tue, 12 Sep 2023 10:08:35 GMT
last-modified: Fri, 02 Sep 2022 12:54:51 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F9D4 0
622 B 136ms
68ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv-FMbUy1iOHujgAhrjbwFKvGJ6YY1WnD7y_mpYV1qraqz3oDbKJPro0uIMcI0Q7yMEMyryk1M8HLd2lUmYDUQEZ9VhcAcYC9m3SFl1QnrvAr4Eyce2l1f2LtOckMrxYIIVqKxK365_pQrFE6_a4K3Tq8ROzFT-o6y7x93xNky1CucgYfcJ_ze5FngvywUDVjBjze8vXtUvd3dXsHzkDGYqqVUPXoKX8K2DKvjj7ynhJBKrOXu7zgZJxy2SvScuZe8G8zDm9E3NT6bioVJBOv8f1r4mzfRvFbKU_dPYSrA-MCZNv0VbSBeQ0MyXj-lB3Uyd4TxMI4ijRDWNfg6x6ZZ8ck48u6mj-JNls2uuaozASr0SmzwMOvmoafM7tzGtT3yIUfPey1mRyaZfdl5i0oGsN9yzAHT23If2-tLN1qf6JArWgRU0lYb1OhM9jySU51QGsO6GneLfOxupYL0kKxs_f9_ZBpr1Pk3k4Tqsj00JTKmG2UdIZb9C_wVBm7j6t3M41IeZ96uE7hljkga_KR3129zS6kOGfG_ILmIy-pnhP8IKm9Zc-1d7Lzzz7-Fe0rQA65eIMSvrt3Uac4Qm9QVr-C8Ewgci0cYzRdr-NGhJutE4PVV4hif_4_X1_FpDoTL3RrpSDIMe_rol5qhzLJzWJP0i1-bZ6zLXZ-53V9gtFABzJik97ySz-yOzgX_oLm5gOmnsFCDYj4hn1ZcNneRJQ4FGqufqOrGXf9CCjMFkkbPzJzo_9UgkoldGBV7T4v_krMwUM8amQKTc74klqsfXGzG-744KPU_-cOMl79W6IxMD5r8yBQYQt-i_Xa9NaAdBA3599RYLyn3uejW0malh_iOu_jJ7rePS_XhuTTKaAN3t0y3MT2PmWRaeAbuQpuRqrbxCPVtMnjESq72EmeKmebNHnOCJWaKuBePOABUNLeWQq-y-qYI86Zj1U-wA0GpOP-VUpobsLOj15-UOrNGvUWGowkKHJWXQI4mXD-qy92QE30uVfbvlF-_3tURmdsKzCoVMvS0wvvdxX3MDxxrF3RbV5pzgUvHoQEXlqce6MFXgVbyLDcHu3A9KF4IWbnO0BYAZdbA3nFjX6tIjxQYJa4cUtnfcXKZlWNW_WGrh5oTWz5j_cBlIJdljpTSoBJW7FP_O4PC2VIAGhzBMogiFXZetqN8_qegH5adBRawlP8WzEYp9&sai=AMfl-YRR504NjT4C-MynSFpuihPjREvWehBayYNtqSUXXWre3wyxiBX6jxaxh3V-n6vlEfGISDaw6J3Y5IwUt0G9wZmqFr6dq4BdDjEkpu9T1qOWw8Rp001NcNU_2eZWfBWHYJVdNzJhi-tmE-n3JcC5AMOV1hQ32xceIAff-wNek3r2AR6Mk3nQ0mqzdM8Db6styfTddkhUruvquJ086PafbHXIMoKbYtZFzg&sig=Cg0ArKJSzPf2jM2qcjdVEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=99&cbvp=1&cstd=96&cisv=r20220912.17666&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 14 Sep 2022 01:19:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6C22 22 KB
8 KB 21ms
21ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 64014
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 07:32:47 GMT
expires: Wed, 13 Sep 2023 07:32:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js Show response
pagead2.googlesyndication.com/bg/ Frame 6C22 36 KB
16 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2510ed81c525ffb3948c9e103bc6d56f036e45346a0d4c6e481602c223c74ba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 20:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15893
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Sep 2023 20:04:56 GMT

GET
H3 200 createjs.min.js Show response
s0.2mdn.net/sadbundle/2659564807390457485/libs/ Frame 9D02 236 KB
63 KB 26ms
26ms Script
application/x-javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2659564807390457485/libs/createjs.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2659564807390457485/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bce1a3e8c91b71186d76d82901b87cd125140595731334f288ea8eb609371d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2659564807390457485/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141066
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64179
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 12:54:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Sep 2023 10:08:35 GMT

GET
H3 200 728x90.js Show response
s0.2mdn.net/sadbundle/2659564807390457485/ Frame 9D02 101 KB
19 KB 22ms
22ms Script
application/x-javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2659564807390457485/728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2659564807390457485/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02692083c90e7b4058746c5d1fa897eb7f50f702281329d109dac67c2f41e9a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2659564807390457485/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141066
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19895
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 12:54:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Sep 2023 10:08:35 GMT

GET
H3 200 g.png
s0.2mdn.net/sadbundle/2659564807390457485/images/ Frame 9D02 16 KB
16 KB 22ms
22ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2659564807390457485/images/g.png

Requested by

Host: af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com
URL: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e8fe9ded20b51d2f1c763b6829a2accfb682644f6c03177599639271e56b30f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2659564807390457485/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:08:35 GMT
x-content-type-options: nosniff
age: 141066
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16267
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 12:54:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Sep 2023 10:08:35 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F9D4 0
26 B 107ms
61ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv-FMbUy1iOHujgAhrjbwFKvGJ6YY1WnD7y_mpYV1qraqz3oDbKJPro0uIMcI0Q7yMEMyryk1M8HLd2lUmYDUQEZ9VhcAcYC9m3SFl1QnrvAr4Eyce2l1f2LtOckMrxYIIVqKxK365_pQrFE6_a4K3Tq8ROzFT-o6y7x93xNky1CucgYfcJ_ze5FngvywUDVjBjze8vXtUvd3dXsHzkDGYqqVUPXoKX8K2DKvjj7ynhJBKrOXu7zgZJxy2SvScuZe8G8zDm9E3NT6bioVJBOv8f1r4mzfRvFbKU_dPYSrA-MCZNv0VbSBeQ0MyXj-lB3Uyd4TxMI4ijRDWNfg6x6ZZ8ck48u6mj-JNls2uuaozASr0SmzwMOvmoafM7tzGtT3yIUfPey1mRyaZfdl5i0oGsN9yzAHT23If2-tLN1qf6JArWgRU0lYb1OhM9jySU51QGsO6GneLfOxupYL0kKxs_f9_ZBpr1Pk3k4Tqsj00JTKmG2UdIZb9C_wVBm7j6t3M41IeZ96uE7hljkga_KR3129zS6kOGfG_ILmIy-pnhP8IKm9Zc-1d7Lzzz7-Fe0rQA65eIMSvrt3Uac4Qm9QVr-C8Ewgci0cYzRdr-NGhJutE4PVV4hif_4_X1_FpDoTL3RrpSDIMe_rol5qhzLJzWJP0i1-bZ6zLXZ-53V9gtFABzJik97ySz-yOzgX_oLm5gOmnsFCDYj4hn1ZcNneRJQ4FGqufqOrGXf9CCjMFkkbPzJzo_9UgkoldGBV7T4v_krMwUM8amQKTc74klqsfXGzG-744KPU_-cOMl79W6IxMD5r8yBQYQt-i_Xa9NaAdBA3599RYLyn3uejW0malh_iOu_jJ7rePS_XhuTTKaAN3t0y3MT2PmWRaeAbuQpuRqrbxCPVtMnjESq72EmeKmebNHnOCJWaKuBePOABUNLeWQq-y-qYI86Zj1U-wA0GpOP-VUpobsLOj15-UOrNGvUWGowkKHJWXQI4mXD-qy92QE30uVfbvlF-_3tURmdsKzCoVMvS0wvvdxX3MDxxrF3RbV5pzgUvHoQEXlqce6MFXgVbyLDcHu3A9KF4IWbnO0BYAZdbA3nFjX6tIjxQYJa4cUtnfcXKZlWNW_WGrh5oTWz5j_cBlIJdljpTSoBJW7FP_O4PC2VIAGhzBMogiFXZetqN8_qegH5adBRawlP8WzEYp9&sai=AMfl-YRR504NjT4C-MynSFpuihPjREvWehBayYNtqSUXXWre3wyxiBX6jxaxh3V-n6vlEfGISDaw6J3Y5IwUt0G9wZmqFr6dq4BdDjEkpu9T1qOWw8Rp001NcNU_2eZWfBWHYJVdNzJhi-tmE-n3JcC5AMOV1hQ32xceIAff-wNek3r2AR6Mk3nQ0mqzdM8Db6styfTddkhUruvquJ086PafbHXIMoKbYtZFzg&sig=Cg0ArKJSzPf2jM2qcjdVEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=248&vt=11&dtpt=149&dett=3&cstd=96&cisv=r20220912.17666&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Sep 2022 01:19:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 checksync.php Show response
hbx.media.net/ Frame 79AA 28 KB
10 KB 355ms
355ms Document
text/html 2.18.68.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/checksync.php?cid=8CU6Q6626&cs=1&cv=37&hb=1&prvid=23%2C3016%2C239%2C97%2C79%2C3012%2C246%2C80%2C229%2C2030%2C273%2C175%2C2026%2C54%2C201%2C203%2C326%2C2034%2C339%2C75%2C261%2C141%2C226%2C2027%2C117%2C238%2C96%2C126%2C106%2C29%2C3017%2C38%2C102%2C108%2C3018%2C71%2C59%2C3010%2C251%2C178%2C159%2C58%2C3007%2C147&vsSync=1&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU6Q6626&version=5.1&dn=www.fox13now.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.68.23 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-68-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7873bb1571d1939f63d6edec7bdc038f8b07aee19568b3dd89375f676beb7d24

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9962
content-type: text/html; charset=UTF-8
date: Wed, 14 Sep 2022 01:19:41 GMT
expires: Fri, 16 Sep 2022 01:19:41 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=86400 ; includeSubDomains max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 79ms
36ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

204cb9da1bd9e267df9f567a8dd0b7307d8f0d59bdd8628a59f4019f10bda234

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Sep 2022 01:19:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11346
x-xss-protection: 0

GET
H3 200 light.png
s0.2mdn.net/sadbundle/2659564807390457485/images/ Frame 9D02 5 KB
5 KB 21ms
21ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2659564807390457485/images/light.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2db9d5f7697cd1a3b2b0909f66c6c88bee18c59c5a91a40badd3edbfff382a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2659564807390457485/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:08:35 GMT
x-content-type-options: nosniff
age: 141066
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4863
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 12:54:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Sep 2023 10:08:35 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C22 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BAjDqLCwhY7b-OcSt9u8P_4G12AcAAAAAOAHgBAI&bg=!bG-lbyvNAAZTikH4c4o7ACkAdvg8Wsu4g9lDOSySUbnL6I1jVbVVccGtD8OAd9wyzisrXmR0cPt1ygIAAAB3UgAAAAJoAQeZAyN3oEM8xqDOyOuq3bOzC5uhFmNvBdYztwagfkk-ZbQin3dWNDCK-_xhn37pkDogyOJlfLjJNW9oJqusHIqpAT4b5_ibxgZWXUBBWSfy4oTEKngw0ms6HXu4J2AfFw5f1Az3fSsB79IWVdCV9DIhqjl1xf7DgknA0PGqmo1NW2td347cYbGqrC5hI8S5GwX7UFZBlCh2ZmblTHAoVDy3_1FpJYAhD0HXSlIVA2GEg9gSpPnSuCR4McRJifsVXy-_4J4gqYzt_coyO4eZVXVuFdHV743O2ndZ6zoNy-mBe-ESoTivPplPJ7mNN8SLsOAr5l3RVTebq-EhZy9wXG62sPGBBzfWm0k37zvEDJGj7p_YD9R0fF8rJoQAlOLBfGUBIe0IMJM6OVvWj37GsqpTRlPjAw1S3bqDvthFVjsW7hvaC05xfJgAGrAV6nve0lllXjf0bfUFVVZDaglzok5zKOd2XWCeF9kXAZVbziKPk3PDLnzqS-oT0WY47oNjYr0ad_xUx6dFROBWQAtlxWkR89cVD03Mv_nBHhN3CvswW6lJ3TPgTkN77JEQ600fd3GLMSC1qcCkvAFYE8KKaPBskm2UdG-_xZVDhaSrISBvYfyztl7q4nkMd-CkiHzMWgcUZ_1n5jxK0L6d_CGOqLcGnj4VLy2u_RzaQL8rqvX28DzxiIV9Wh3S-iaoHk6JtoBn_Hpqd2Ek5nPfLi4SBB1TX1wQ805QcHEv1_TZxgW9hTER6DHKFQxHxVCThae0rYvE8Ih0W5p2OEZAjQoOvRBBDfMgoLrqE_gt048Qf5IWZpVSELgrihHIzMcbSGVvmsFDzsXTQcvaaM6phbEZrn_pfkWwe5zlzZENpJf-o4pTKbQJ__aV4p-K5Apqso2ySP9EK0E5rChn1Tq6gfG6d4y2wsJIvU7SaJd3y6E3AomLkMn80-7nLqxdtzvMy8fXMnNaIj3wg8QwvVPNZO8AMZlpgWkPa-8fw--RuKlPM4n4xaSZVsupl-30epLOxtOypqTWS-MGp0KZi5hMNmFJ2eiFgPW1Jp3iRFUyJ3JIwnJ-dsuvnKC-fQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 01:19:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ticket.png
s0.2mdn.net/sadbundle/2659564807390457485/images/ Frame 9D02 10 KB
10 KB 22ms
22ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2659564807390457485/images/ticket.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe92461b01c74e1511e40d7d4fad509a7568eb4da076cd4fcd665c9d0cd0330c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2659564807390457485/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 10:08:36 GMT
x-content-type-options: nosniff
age: 141065
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10668
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 12:54:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Sep 2023 10:08:36 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 01:19:41 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4C72 13 KB
5 KB 21ms
21ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18885
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 20:04:56 GMT
expires: Wed, 13 Sep 2023 20:04:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 00B4 783 B
534 B 32ms
31ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

53d9d6ec6292e50811b069de7d50c926ff0b014b16bdb7c071096a725fc87053

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fHtEhTsNZAn7QPTVt6v_qQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-fHtEhTsNZAn7QPTVt6v_qQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 01:19:41 GMT
expires: Wed, 14 Sep 2022 01:19:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js Show response
pagead2.googlesyndication.com/bg/ Frame 4C72 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e410671658d1dc6f18d8bb5750b4099bd16eff40d2f57ac64a367c0ae27e4928

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:42:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Sep 2023 17:42:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 00B4 0
0 55ms
54ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090801&jk=3400557250868076&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4C72 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?AQ5Ycg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:19:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 log
c21lg-d.media.net/ Frame 79AA 35 B
173 B 403ms
287ms Image
image/gif 2.18.68.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=1&vsid=3061199818214780000V10&origin=1&flt=0&pvgid[]=data-p&pvgid[]=data-b&pvgid[]=data-t&pvgid[]=data-sov&pvgid[]=data-r1&pvgid[]=data-pb&pvgid[]=data-xu&pvgid[]=data-tx&pvgid[]=data-bs&pvgid[]=data-c&pvgid[]=data-ct
Requested by: Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CU6Q6626&cs=1&cv=37&hb=1&prvid=23%2C3016%2C239%2C97%2C79%2C3012%2C246%2C80%2C229%2C2030%2C273%2C175%2C2026%2C54%2C201%2C203%2C326%2C2034%2C339%2C75%2C261%2C141%2C226%2C2027%2C117%2C238%2C96%2C126%2C106%2C29%2C3017%2C38%2C102%2C108%2C3018%2C71%2C59%2C3010%2C251%2C178%2C159%2C58%2C3007%2C147&vsSync=1&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.68.23 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-68-23.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hbx.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 14 Sep 2022 01:19:42 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 14 Sep 2022 01:19:42 GMT
content-length: 35
content-type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 78A4 42 B
64 B 56ms
55ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubOU3P1tS-_-KLY3ig9KtwqKMCZVWnRT8mjsKZ7q2OOyLKNCKUluTAQMPeQCTFtMPvt6yZ-LOwfwHuuMauXCAdmXZ1C83_iBLlJJsNqNGaQNC2EPs-&sig=Cg0ArKJSzNfMKWWZ_opiEAE&id=lidar2&mcvt=1000&p=263,315,513,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220912&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1666007649&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663118380636&rpt=191&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 01:19:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 63ms
63ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090801&jk=3400557250868076&bg=!YWKlYibNAAbG3AOo5tw7ACkAdvg8WqhJFSNhQWP1oVJimI5IKNGuVo1fiLM6kBXQdiUWajXyMtZ5lgIAAABYUgAAAARoAQeZAtqKuB7Jk24ix8-8R9VoSE5DOa7D1lViHnpFjK47BUYF8hIojvjPvFnLyd25TsZYt8aUWFr6pNkZs4cs7BdY0cbxumQTljHqubTWpmrW6HablBXho786_3ARdotYJlT2EPCJkZpcYHfu0TV9l-ETvrl3jeDBm3af9d7dNHGuWzVC0MEDAZGzfcfPQAOdiN8Vj46wftAK-5mjgvCu2gBG-fmMQ3BlQ_Ujm15lr8cGpH9ycq9VctyM7-3rFB1EFeV65vK1VlIWmz20E1oUnApMT10q1Ej9DiFsybzSoL4_uSdHPDbTtCo8Rao9xvzc4TePhamMJMslFWRfLaUNiOZkOzz0cwYV8zjJ-5KyfIZxucj8YjURVpLknvQGqmjOrR3rT0MX3Sa8-somNFEUwUTGJFFwKHYiyGuFPP9tXz8yUuOtKZ3l8H4kBPayBRYri4JIZM3d76q4e_8OsfryG_MhP2QtqlvqcQHQ6jXoMhPo6PFiYl-DF0N9H6yUMO-Sb1azQ2NtVtV6DsgSJyROn_2LEqEKIfF98rLVqRpa1RxbFUdx4027IJ7fyo-aHZe3N07Z356dVxD_NSaN3PR99MbdU42PtZ8n4VBW31JY7cMNmbJIZiK3LHB7AGf5Lsfre5xqvx_6LA9C3YV-Qh_jIcTNkdXF4V7YuiGvX9mvkWrBUiEJfW9KPD9Na9rP9ENbtYqCpzuZLOwe1geg5QBdD2ar4Nc8BXTkWV7KDXVJmnCGhAkWLKwdlotKipQwzIzhQMq3PGnrOUfP0ALBIJQ49w7kgbIoURCTYEKYlxMlqN1chHpy3HpqA4jwOvYSc6O6wlS-quldIXsuAvBU6FC_2huNqyhmSTcUUte-AWO0zKjYZTlM8bVVv0ZE3KBf6lYVqxWJclmOlEoEgkBW3uFw0kgxsybFrFLDiqtc9zt6uF2dqJkX0WuA5Pta5qA9_ZUokPGRxZy0ohPq05LgPmd4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F9D4 42 B
64 B 62ms
59ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZdD4rLa3KCRC81NP4XBx4UyV17vn7laGocmEZ80GRhxgA0FZ7ixAy4sEhHv8aM_uBw9miLJRP_dTrak7SCaG5e9gAqOUah6Cwe8UdoYn-7qG2ksVyNlu553PgIFJirSpS38xDxz4&sai=AMfl-YStKavtWAS2vP6K6nDC_oW1j7L0I6HYk3LCbcJDux_ChoOISJ1xMGsiTcWMiODUW4T4vKR0DVjCklwjdApmToI8iPEd3IAxRScZH6jGfJCH63aWhZh8SnNDGy8DfZi7&sig=Cg0ArKJSzCFJWqwB8l7AEAE&cid=CAASKORo-ayuDujRI2pV7FIA3nIJL8q4NGp-7IRt7IQq7DQcwZe_ukfUzFw&id=lidar2&mcvt=1000&p=1106,436,1196,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220912&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=173361388&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663118380797&rpt=297&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 01:19:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK abt Show response
capi-tier-1-us-east-2.connatix.com/tr/ Frame 44BA 0
317 B 116ms
115ms XHR
application/x-protobuf 3.135.86.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-1-us-east-2.connatix.com/tr/abt?v=182145
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.135.86.205 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-135-86-205.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 14 Sep 2022 01:19:44 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=bpL-ZIByur67OuaKj0P0Le

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=bmBWNoByur67OuaKj0P0Le

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=bgZdFqByur67OuaKj0P0Le

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.fox13now.com/	1970-01-20 14:44:14	Name: usprivacy Value: 1---
.fox13now.com/	1970-01-20 05:58:40	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth%22%2C%22sref%22:%22%22%2C%22sts%22:1663118378609%2C%22slts%22:0}
.fox13now.com/	1970-01-20 15:28:02	Name: _parsely_visitor Value: {%22id%22:%22pid=4476dc6fda0af57c8408e8195c304fe8%22%2C%22session_count%22:1%2C%22last_session_ts%22:1663118378609}
www.fox13now.com/	1969-12-31 23:59:59	Name: mnet_session_depth Value: 3%7C1663118378665
.fox13now.com/	1970-01-20 15:34:38	Name: _ga Value: GA1.2.1413820601.1663118379
.fox13now.com/	1970-01-20 06:00:04	Name: _gid Value: GA1.2.1347280446.1663118379
.fox13now.com/	1970-01-20 05:58:38	Name: _dc_gtm_UA-27022641-1 Value: 1
.fox13now.com/	1970-01-20 05:58:38	Name: _dc_gtm_UA-29479748-9 Value: 1
.fox13now.com/	1970-01-20 05:58:38	Name: _dc_gtm_UA-40066851-1 Value: 1
.adnxs.com/	1970-01-20 08:08:14	Name: icu Value: ChgIxIZ3EAoYASABKAEwq9iEmQY4AUABSAEQq9iEmQYYAA..
.gumgum.com/	1970-01-20 14:44:14	Name: cs Value: true
.gumgum.com/	1970-01-20 06:41:50	Name: loc Value: SfolTs1ZIlMDqHB2iQ8nZNmtTWg4gdgiThM5CZxyKg0mvA0QjXoIBgc4S8sGq4NVTkMd16oGYrn_xwdDvMFFqY9qq92F0dUlKmvY6kvmNl8
.adnxs.com/	1970-01-20 08:08:14	Name: uuid2 Value: 7966062140685579738
.rubiconproject.com/	1970-01-20 14:44:14	Name: khaos Value: L80XQQ9Y-19-6EHX
.rubiconproject.com/	1970-01-20 14:44:14	Name: audit Value: 1\|SDziDG3X/EjragzyU/UtYMzzH/SUMvpGs1wMD2ZZQDJ9RnRL5Ni0L+Xch7JEEB7DoXd06IBY4Mu3gIe5pGUUWyYbB5SW5XQ3/lc30Coghjc=
.serverbid.com/	1970-01-20 06:20:14	Name: CONSUMABLEID Value: b7c573747707474685737477071746c9
.doubleclick.net/	1970-01-20 15:20:14	Name: IDE Value: AHWqTUlATXBADcFE9bml-Ad05gKXeBlWM6u61Lvo9ZnRZJwTkJzPnOTEG_kzf-27YLQ
.fox13now.com/	1970-01-20 15:20:14	Name: __gads Value: ID=e68e95fbe1e009e1-2259763620ce00da:T=1663118380:S=ALNI_Ma6xKn6zso85RtPXc_RZp3SfoybIg
.adnxs.com/	1970-01-20 08:08:14	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E><9l$i?!@wnfH8K6pQK`!5=E<*L5?%M-/ZV[peCncIjE(u[59<V1j4f$8?12iRUG5T'%nugO%v4VB%nmLS)rF[]
.casalemedia.com/	1970-01-20 08:08:14	Name: CMPS Value: 5160
.casalemedia.com/	1970-01-20 14:44:14	Name: CMID Value: YyEsLfLoDNX4ljBWyfkTDgAA
.casalemedia.com/	1970-01-20 08:08:14	Name: CMPRO Value: 5160
.casalemedia.com/	1970-01-20 08:08:14	Name: CMTS Value: 1114
.media.net/	1970-01-20 14:44:14	Name: visitor-id Value: 3061199818214780000V10

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.cookielaw.org/consent/000000/000000.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.fox13now.com/weather/school-closings-delays?_renderer=json Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://cms.scrippsdigital.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.rubiconproject.com
ads.servenobid.com
adservice.google.com
adservice.google.de
af2d4df918b8dbcee36b487e0469e13f.safeframe.googlesyndication.com
analyticssystems.net
api.ewscloud.com
assets.scrippsdigital.com
aswpsdkus.com
c.amazon-adsystem.com
c21lg-d.media.net
c2shb.ssp.yahoo.com
capi-tier-1-us-east-2.connatix.com
capi.connatix.com
cd.connatix.com
cdn.cookielaw.org
cdn.parsely.com
cds.connatix.com
click.oi.com.br
cm.g.doubleclick.net
connect.facebook.net
d3plfjw9uod7ab.cloudfront.net
dsum-sec.casalemedia.com
e.serverbid.com
ewscripps-d.openx.net
ewscripps.brightspotcdn.com
fastlane.rubiconproject.com
flint.defybrick.com
g2.gumgum.com
geolocation.onetrust.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hblg.media.net
hbx.media.net
ib.adnxs.com
images.outbrainimg.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
lit.connatix.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
mv.outbrain.com
odb.outbrain.com
p.typekit.net
p1.parsely.com
pagead2.googlesyndication.com
prebid-a.rubiconproject.com
rock.defybrick.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssc.33across.com
static.ewscloud.com
stats.g.doubleclick.net
tcheck.outbrainimg.com
tlx.3lift.com
tpc.googlesyndication.com
use.fontawesome.com
use.typekit.net
vid.connatix.com
web.hb.ad.cpe.dotomi.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.fox13now.com
www.google-analytics.com
www.google.com
www.google.se
www.googletagmanager.com
www.googletagservices.com
ssc.33across.com
104.18.18.126
104.96.145.246
108.138.17.93
108.138.4.59
108.157.109.25
13.32.121.17
13.32.121.95
142.250.185.130
151.101.194.137
151.101.66.137
159.89.246.130
167.89.115.56
172.217.23.98
18.156.195.47
18.195.227.5
18.66.23.213
199.232.18.132
2.18.169.82
2.18.68.23
2.18.69.170
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
2600:9000:206e:4e00:10:618e:d880:93a1
2600:9000:219c:2000:13:a391:88c0:21
2600:9000:223e:3400:1a:ba5c:3900:93a1
2602:803:c003:200::61
2606:4700:3032::ac43:cb69
2606:4700:4400::ac40:929e
2606:4700::6810:9540
2606:4700:e6::ac40:c412
2a00:1450:4001:800::2004
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2006
2a00:1450:4001:811::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2003
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9b
2a02:26f0:11a::6867:4841
2a02:26f0:11a::6867:4868
2a02:fa8:8806:12::1460
2a03:2880:f01c:8012:face:b00c:0:3
3.135.86.205
34.160.158.95
34.98.64.218
37.252.172.123
52.17.99.225
52.211.60.243
52.213.181.231
54.93.145.1
70.42.32.127
99.84.88.100
01a721ba5f571ef4cdc7189726219051bfd1253d7a3d255ba38a9138c125c090
02692083c90e7b4058746c5d1fa897eb7f50f702281329d109dac67c2f41e9a1
04b48917ac7f06d47ec018ff64390d2b1858006f9eb7aacd690af5d46fd0e11c
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08de8ea6e0f9152d5d29a0b6d575137784a6c9e8a9771198b37880859a83a7e0
08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122
0b1e44312a8b4071b282b59ebf5ece75b2178019f0a123669e8f01c9b65b1ed6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b93940785a4f1fb8eccc117b67693904adaae97e3b96e45e1b10f2a73704431
11ce3452ba20fdc0fbf5fbe26160de2edcde252060bc772476e8862c7848dfeb
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12ec48c36f134b5d9dcf1bec7616bd356b7f661a52c990ff00b30e81715508d4
13438662fe4bdf325464870da663f8f22b26eeae4df595f37bb87475c681120b
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d4980adcd37351b8bbeeb8a4106fa5d1bfa40ffe2affcfe18f9f093a11d2416
1e07e272734d4232d604835b00dfb9847c36a95e2fb6a01458590618e2bbcc77
204cb9da1bd9e267df9f567a8dd0b7307d8f0d59bdd8628a59f4019f10bda234
216b0aecea7ffbd118761060e2fe6c03793ce63effc86bab7d295b3500ba1a50
25083e75cd6c03ec09d9f58f142cae8847d0b8ad56c2032317e9dea3e2458255
2510ed81c525ffb3948c9e103bc6d56f036e45346a0d4c6e481602c223c74ba5
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2bce1a3e8c91b71186d76d82901b87cd125140595731334f288ea8eb609371d9
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254
2fc67e51612a060864bf2a051671e69044ca49d27660a5e4d5e0ad88d50f38d0
313a777d2798450af9dd10440bb611f5f9f26776ff90797188120343220c5418
318105032b521ca177fd1918c5f40e00315f3b6498bd320c3c62021aaa368c51
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3ad36bb49239b3d32df10dc97841cb24dd28a8bca96ee95a57f4972d9b607976
3b2e1dc6895303cc971995ddf6a2470764398b40893f267bd6023f3d6aaa6514
3cecf39b145fb800614f48a4a90fb0c9020a5bd469e0a675410e78cb0d36ab72
3e7259e223a4335acd4dcd5741f6279161bca832d71e7380a1f3170bf76397a4
4197601187199c9d3454149d70c03c3e5bfe8451f247b362329a743f3ec2f680
422c1920cfc0939b1efdecd0d308ddc0a33127c043abab9eaa35d198a95753b8
44184c16fd72e51859e402906cfc8eb5cc13161916b42cf46e416bc9e3fe9850
477f878f435164c164971a4c3fb7d039e4a371ba0751657aec98bfee723c14dc
4831f38d5033e932ef3b079d240c86ffa99b3efa45e5f2a14ed3d1f4d1c3b3be
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
4a5c5b81982bd593a8c985233f117d4870d552f4c7010582ba3851c189c2d5d7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5057326016c7a54b3c836cb611d531a74e26bec6eadaa75f5b0bdeee191b6899
50658b265b5a2f01ca98916e2356bfcc9a3d7da676b3d5fadef9a5d3b6443c04
53d9d6ec6292e50811b069de7d50c926ff0b014b16bdb7c071096a725fc87053
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565f64a69a246ce62c6954597c9815fc461fb7f48665ca3bd1bf73dfa68233b8
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5baf9cf3594d6cd878e50c96f7548d7011c96441605d8c0f52391e9133654b57
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5d8f24de649d274c051960845b51a0407362d6b4c80de23985e648d3378708f5
5e602181aafe52aa669f52dd06fe84bcf43d6a63c343d443a812a5104668f846
60d86669bd9ed9711c63f3ae3da3922facc9e47fb76416895727cad3d879f71c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1
62e9716cc4c478347347188866b4ce050141e3cf8c061ce8317a8cd0b3f3c7b5
67e99c8c7b00f5a3d067b9ca425b6efd3efba4b18f48da247dfdf285aadc1199
6b6fefb5e7f434251db09b8e38b6480bb91fe9274c98bbd6ad8192b214057ddd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee
6dd5b1d8d12af5a080a1e4255e06de73bedf5e880759b89743a714ea09ead12a
70b72cf2d9f0de822b54aada96b16bcd9377b600018e3aa5808f72436a9c2ff4
71a8c326bfff4f0776f9e729f08909ffa35f7b45544da7bacf5d841ac45e752c
7873bb1571d1939f63d6edec7bdc038f8b07aee19568b3dd89375f676beb7d24
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a80c0bdc9443b9380d96d066ea3fc97f2b84d5c83f52e4cb21c5501f8eff4ad
7b491b7e75f58ce5c0d60bcdf9f0da01d082df493a739458ca0d733795877ebb
7e03ea05c599640f6d1a683302bec77bcd06d63d0a41c3df4867637835876dd9
7f8968984da64ccf02c29cba72ba7040e5887b01aeb26cfb13b92a62d582184b
81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e
8253ec3637d7125708e2551d661d2dfeaaf1ffe63f3175d456a6e76376beb7ee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84ad680c4d0e81b8cffc46c42843205b31fc74701b5a15afe38881179b158d2f
8827dc6e85e78d6e711fe152b384c9631edfe8a9a9237a74a885790114c47ec4
898de16d09f9c24bcdf8da8b28d1440f260919a5f59d47350299729ede22a384
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8afb8b62e60755118fb0259ec6cd6187273aef33499dad3dcec87e51267fcb2f
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b79af45ca71f020c71f1cfb2c90527472ee0c22c9d67fb9705abd2eb2e9a8c3
9b7a643c8d4582eb24fbd451781753492eee58ec0744d910405f2969ff615d90
9e8fe9ded20b51d2f1c763b6829a2accfb682644f6c03177599639271e56b30f
9fd8f736bc0334fb423a201ae3655687533c0fa90d6cd4c6aa001f29bdfac7a2
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a05474a787838dc56270e28399ffcd03d0368fa060dadce79a545b4d1e5396ff
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4fa167295f841b6a56b90598a47e58e846c9449b369a3078f65422c87e7ab4b
a602655d7316f7aead12712c8dd59eb51c9de4b632621af2ab7f65419206b25a
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a78eee44a33280cae70b7fade38a0ea36d2d3c34252c8fffe9e5d91aaf463a0c
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
a8ffd78cb2525c783d87aedeb03af8282198c208cff5a2c67b1aebd2512d6d25
aa3fecd03a37a2de22e60482c695bdbb64764672e00fa60ff671e15818dcc6d0
aac1c586b450657acfe4bc12163551cec331c56f30bc75a85727d7c48b0dddff
ac4601e35b202be3224690ef2fdb05de146e3dafdedb7544f4d028702af14ba9
afd7b328d517be9b39cc18660e259606627f434e856e584f8d004a5c9ff5a78b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3323e7d9b645b229bf7467624db15b65f3976c54fa65313760d70c0b8d2dc3d
b4096925f34c85d0c0e934ad77c44165dcd66fecc354c153784d246f00911da5
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6e5c2ace13881b4cdcd295aa9a2c36fd888084ed4d3b2993c5075f3dd186699
b77c8f6b08751d0832faacfcec5c659bd668a7a42e8005d117388cf1f7e28e1a
b96e6beab93cd979f18edcb11b5b9c620f4cf74e43aa3a2b0406cdbb4739c676
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bd6cafb0d9f0509d461f9b8845027ecb7f5385ee273346f5f44efd2b328afdb3
be2ab0d77c35977fb5fea026c9ceadfabd67f875d66472e7be6c9a1b5adc70c9
c160550ec10b144f9f3bace98f8983d5960fae45d7a0277c3e2abeb29b16012d
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
cf1d2e3138929e06f063598c0e7457610cc6a3f176b2c32721242c337fc6de9e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b
d07b00955573126e8b47a0bba664a9040e5d16bb1ab9dfc23979302b6ec60cc7
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1edd0283f438579acf3778d1eb054422a9a4c5236bf65ba4fa78c0fe0c44694
d1f9c5c64d175a8bc389afa09401c72262f33961d56241d00902c2a397eac4e7
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d28a5de7127d50b0a74772b8d88538fc16a13897c6c5f19ff61a6830763b12fa
d46651a0642c39afc570af89ad0b4373250d4002c05e92282aab4b289c4771d8
d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42
d8b67c0c2bce8509bb57931a069ffab7122083710b37567c9c0897b6944b1326
d9725fd2da59c5a1563fb1b7754c752c4044552a5025cacfcc4693b9ab0647ec
dba21b69260b204a0ea685b1388df50b9c490e8db990610b08499aef93a72f39
dd19803a2dec5ab04300249acf88f3aa98e21c415d651443d4910b99418adfec
dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e410671658d1dc6f18d8bb5750b4099bd16eff40d2f57ac64a367c0ae27e4928
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa
e5a9c4b6772e9edbac1981639eb2a7b05bfc435f0752481b68aeb2290746b5f5
e8c6793b0daff447dadcd5fe8912516e7fa84adee2469a3f56aefc4613a9597f
eca041f2ffe775c370176cc1824dd4c959f6a69e43356da7afdb14f110cc4638
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
eecdb842e85b2b64a11e9aacd893a3d1a49135117dd693df5218e429df62576b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8401338c19bfea748acdc6d6eff78a4bec3640b135e93737f7ddcd027e1765
f1b242950739491444af49e152bf843e2689019b73a944dde6b4c4ef4860bed9
f24c527341729667fb4a253280f2c5c4c647ad3fce508f91470f18e3a54cec38
f2db9d5f7697cd1a3b2b0909f66c6c88bee18c59c5a91a40badd3edbfff382a5
fb2e6909cec4c0ebdb29e5bd124a6e0492cce4aa54dd5fb2a4219e9af3b0f353
fbbf27902acad47a8df7a5e79c707a699b7789e74a1c703c6d46d9fe6e92aab7
fdcb74f626ef8f1059c0e3bd503017b8fdda4a54afcc26a4da734f5fd5c7a87a
fe92461b01c74e1511e40d7d4fad509a7568eb4da076cd4fcd665c9d0cd0330c
ff0082686f208dfb9abf8f7223c17915003bd817693b474e9f6aa73d6440cfcb

www.fox13now.com Open in urlscan Pro 108.157.109.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

218 Requests

94 %HTTPS

48 %IPv6

42 Domains

70 Subdomains

58 IPs

8 Countries

3975 kBTransfer

14161 kBSize

24 Cookies

27 Outgoing links

Page URL History

Redirected requests

218 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.fox13now.com Open in urlscan Pro
108.157.109.25 Public Scan

Screenshot
Live screenshot

Full Image

218
Requests

94 %
HTTPS

48 %
IPv6

42
Domains

70
Subdomains

58
IPs

8
Countries

3975 kB
Transfer

14161 kB
Size

24
Cookies

218 HTTP transactions
4 data transactions