urlscan.io logo urlscan.io
SecurityTrails logo

www.ksl.com Open in urlscan Pro
64.147.131.201  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.icptrack.com/icp/relay.php?r=5223162&msgid=17076&act=3BE5&c=1910463&pid=235883&destinatio...
Effective URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Submission: On November 10 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 110 IPs in 11 countries across 86 domains to perform 833 HTTP transactions. The main IP is 64.147.131.201, located in Herriman, United States and belongs to DDMINC, US. The main domain is www.ksl.com. The Cisco Umbrella rank of the primary domain is 91761.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 18th 2023. Valid for: a year.
This is the only time www.ksl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.18.29.148 13335 (CLOUDFLAR...)
1 7 64.147.131.201 11319 (DDMINC)
2 2600:9000:206... 16509 (AMAZON-02)
12 18.245.78.146 16509 (AMAZON-02)
24 64.147.131.160 11319 (DDMINC)
1 2a00:1450:400... 15169 (GOOGLE)
1 64.147.128.167 11319 (DDMINC)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 151.101.0.176 54113 (FASTLY)
1 2600:9000:223... 16509 (AMAZON-02)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 130.211.32.235 396982 (GOOGLE-CL...)
7 3.124.119.57 16509 (AMAZON-02)
22 2a00:1450:400... 15169 (GOOGLE)
44 18.66.147.119 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 52.5.164.211 14618 (AMAZON-AES)
2 3 52.214.229.130 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.22.59.219 13335 (CLOUDFLAR...)
46 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
37 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
13 185.64.189.112 62713 (AS-PUBMATIC)
11 52.31.140.196 16509 (AMAZON-02)
3 2603:c020:400... 31898 (ORACLE-BM...)
2 8 34.98.64.218 396982 (GOOGLE-CL...)
10 2606:4700:440... 13335 (CLOUDFLAR...)
10 2a02:2638:3::3 44788 (ASN-CRITE...)
1 104.18.35.167 13335 (CLOUDFLAR...)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
1 34.96.67.224 396982 (GOOGLE-CL...)
106 2a00:1450:400... 15169 (GOOGLE)
3 54.187.119.242 16509 (AMAZON-02)
1 64.147.130.148 11319 (DDMINC)
1 34.102.232.42 396982 (GOOGLE-CL...)
1 44.228.215.240 16509 (AMAZON-02)
9 161.47.17.28 19994 (RACKSPACE)
1 108.138.1.25 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
6 23.211.9.91 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 2620:116:800d... 16509 (AMAZON-02)
1 2600:9000:20a... 16509 (AMAZON-02)
1 13.32.27.10 16509 (AMAZON-02)
15 216.52.2.30 32475 (SINGLEHOP...)
1 2606:2800:233... 15133 (EDGECAST)
4 34 104.18.36.155 13335 (CLOUDFLAR...)
18 2a00:1450:400... 15169 (GOOGLE)
3 185.64.190.78 62713 (AS-PUBMATIC)
2 4 52.46.143.56 16509 (AMAZON-02)
16 20 216.58.206.34 15169 (GOOGLE)
3 15.197.193.217 16509 (AMAZON-02)
6 7 44.205.140.116 14618 (AMAZON-AES)
2 2 178.250.1.9 44788 (ASN-CRITE...)
2 2600:1f18:ed:... 14618 (AMAZON-AES)
2 2 35.208.249.213 19527 (GOOGLE-2)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
1 3 185.86.138.152 201081 (SMARTADSE...)
2 52.213.27.93 16509 (AMAZON-02)
1 51.89.9.254 16276 (OVH)
3 3 23.56.202.187 16625 (AKAMAI-AS)
20 23.218.210.30 16625 (AKAMAI-AS)
1 2600:9000:223... 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
1 18.205.170.196 14618 (AMAZON-AES)
6 22 37.252.171.149 29990 (ASN-APPNEX)
2 2 216.52.2.86 30282 (AS-INAPCD...)
4 4 46.228.174.117 56396 (AMOBEE)
1 1 2001:678:cb4:... 56396 (AMOBEE)
2 2 193.0.160.131 54312 (ROCKETFUEL)
3 69.166.1.35 27630 (AS-XFERNET)
1 14 147.75.84.158 54825 (PACKET)
4 3.71.149.231 16509 (AMAZON-02)
1 1 3.229.12.239 14618 (AMAZON-AES)
1 35.157.200.246 16509 (AMAZON-02)
1 1 23.211.10.95 16625 (AKAMAI-AS)
2 2606:2800:233... 15133 (EDGECAST)
1 2607:ae80:4::26 26558 (FREEWHEEL)
1 98.98.134.241 21859 (ZEN-ECN)
10 52.210.15.1 16509 (AMAZON-02)
6 9 18.184.214.206 16509 (AMAZON-02)
1 1 35.210.239.72 19527 (GOOGLE-2)
1 1 54.164.94.122 14618 (AMAZON-AES)
1 1 54.156.137.107 14618 (AMAZON-AES)
1 8.18.47.7 398989 (DEEPINTENT)
2 3 64.202.112.95 23352 (SERVERCEN...)
2 3 208.93.169.131 46244 (WEBMD-IDC...)
4 4 37.157.4.29 198622 (ADFORM)
1 3 185.86.139.104 201081 (SMARTADSE...)
1 1 141.95.32.69 16276 (OVH)
1 141.95.32.72 16276 (OVH)
1 1 211.120.53.201 4694 (IDCF IDC ...)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
1 11 69.173.144.138 26667 (RUBICONPR...)
25 46.228.174.115 56396 (AMOBEE)
13 54.73.169.212 16509 (AMAZON-02)
24 2602:803:c003... 26667 (RUBICONPR...)
12 2a02:fa8:8806... 41041 (VCLK-EU-SE)
12 69.166.1.8 27630 (AS-XFERNET)
1 35.230.100.254 396982 (GOOGLE-CL...)
1 23.213.164.226 16625 (AKAMAI-AS)
2 104.18.38.76 13335 (CLOUDFLAR...)
6 2602:803:c003... 26667 (RUBICONPR...)
1 23.211.9.5 16625 (AKAMAI-AS)
1 37.157.5.84 198622 (ADFORM)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 1 64.227.64.62 14061 (DIGITALOC...)
1 2 52.31.205.224 16509 (AMAZON-02)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
1 69.173.144.165 26667 (RUBICONPR...)
1 198.47.127.205 3257 (GTT-BACKB...)
2 2.19.85.30 16625 (AKAMAI-AS)
1 178.250.1.6 44788 (ASN-CRITE...)
36 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 54.87.70.183 14618 (AMAZON-AES)
34 2a02:2638:3::10 44788 (ASN-CRITE...)
2 2a02:2638:3::1a 44788 (ASN-CRITE...)
12 142.250.181.226 15169 (GOOGLE)
1 2a02:2638:d::c 44788 (ASN-CRITE...)
833 110
1    104.18.29.148 (None, )

ASN13335 (CLOUDFLARENET, US)
click.icptrack.com
7    64.147.131.201 (Herriman, United States)

ASN11319 (DDMINC, US)
PTR: ksl.com
www.ksl.com
news-api.ksl.com
2    2600:9000:206f:d800:2:8f43:5780:93a1 (United States)

ASN16509 (AMAZON-02, US)
nexus.ensighten.com
12    18.245.78.146 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-78-146.fra60.r.cloudfront.net
d3njgrq4uvb497.cloudfront.net
24    64.147.131.160 (Herriman, United States)

ASN11319 (DDMINC, US)
PTR: img.bonnint.net
static.ksl.com
img.ksl.com
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    64.147.128.167 (Salt Lake City, United States)

ASN11319 (DDMINC, US)
media.ksl.com
3    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6812:1a32 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.mouseflow.com
5    151.101.0.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
m.stripe.network
1    2600:9000:223d:5a00:10:ce97:9fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
tag.durationmedia.net
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
prebidads.revcatch.com
6    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    130.211.32.235 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 235.32.211.130.bc.googleusercontent.com
static.rubyblu.com
7    3.124.119.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
data.privacy.ensighten.com
22    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
44    18.66.147.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-119.fra60.r.cloudfront.net
tagan.adlightning.com
2    2606:4700:20::ac43:4591 (United States)

ASN13335 (CLOUDFLARENET, US)
app.protectsubrev.com
4    52.5.164.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-164-211.compute-1.amazonaws.com
be.durationmedia.net
3    52.214.229.130 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-229-130.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    104.22.59.219 (None, )

ASN13335 (CLOUDFLARENET, US)
media.twiliocdn.com
46    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
8    2606:4700:20::681a:de1 (United States)

ASN13335 (CLOUDFLARENET, US)
pages.protectsubrev.com
app.protectsubrev.com
37    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
8    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2606:4700:10::ac43:2954 (United States)

ASN13335 (CLOUDFLARENET, US)
ex.ingage.tech
13    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
11    52.31.140.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
ads.servenobid.com
3    2603:c020:400d:3000:7130:bb0b:d7e:bee2 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
deseret.technoratimedia.com
sync.technoratimedia.com
8    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
ksl-d.openx.net
us-u.openx.net
10    2606:4700:4400::6812:2894 (United States)

ASN13335 (CLOUDFLARENET, US)
cookie-cdn.cookiepro.com
10    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
3    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
00bd33c21fd21f2993a60e7dd9823991.safeframe.googlesyndication.com
d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com
1    34.96.67.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.67.96.34.bc.googleusercontent.com
cdn.siftscience.com
106    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
q.stripe.com
1    64.147.130.148 (Herriman, United States)

ASN11319 (DDMINC, US)
PTR: messages-microservice.ksl.com
messages-microservice.ksl.com
1    34.102.232.42 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.232.102.34.bc.googleusercontent.com
hexagon-analytics.com
1    44.228.215.240 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-228-215-240.us-west-2.compute.amazonaws.com
m.stripe.com
9    161.47.17.28 (United States)

ASN19994 (RACKSPACE, US)
saambaa.com
api.saambaa.com
1    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    23.211.9.91 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-9-91.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    2600:9000:20ab:7200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    13.32.27.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-10.fra56.r.cloudfront.net
public.servenobid.com
15    216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    2606:2800:233:f76:14f7:d635:25c4:c8d7 (United States)

ASN15133 (EDGECAST, US)
ad-cdn.technoratimedia.com
34    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
htlb.casalemedia.com
dsum.casalemedia.com
18    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
20    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net
cm.g.doubleclick.net
3    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
7    44.205.140.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-140-116.compute-1.amazonaws.com
i.liadm.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    2600:1f18:ed:550f:9c1b:36c6:f801:176e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
2    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
2    2a05:d018:d29:3605:b2f6:43fb:c655:2341 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    185.86.138.152 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    52.213.27.93 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-27-93.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
1    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
3    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
20    23.218.210.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-210-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2600:9000:223f:6000:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
1    18.205.170.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-170-196.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
22    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
2    216.52.2.86 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
4    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    69.166.1.35 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
14    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    3.229.12.239 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-12-239.compute-1.amazonaws.com
ssp.disqus.com
1    35.157.200.246 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-200-246.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    23.211.10.95 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-10-95.deploy.static.akamaitechnologies.com
hbx.media.net
2    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
saambaa-static.azureedge.net
1    2607:ae80:4::26 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
1    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
10    52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
9    18.184.214.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-214-206.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    35.210.239.72 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
1    54.164.94.122 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-94-122.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    54.156.137.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-137-107.compute-1.amazonaws.com
sync.ipredictive.com
1    8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
3    64.202.112.95 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
3    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
4    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    141.95.32.69 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: haproxy-eu-004.roqad.pl
ws.rqtrk.eu
1    141.95.32.72 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: haproxy-eu-005.roqad.pl
wt.rqtrk.eu
1    211.120.53.201 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
11    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
25    46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)
targeting.unrulymedia.com
13    54.73.169.212 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-169-212.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
24    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
12    2a02:fa8:8806:16::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
12    69.166.1.8 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
1    35.230.100.254 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 254.100.230.35.bc.googleusercontent.com
pixel.rubyblu.com
1    23.213.164.226 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-226.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
6    2602:803:c003:200::77 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
1    23.211.9.5 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-9-5.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    37.157.5.84 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    52.31.205.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-205-224.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image2.pubmatic.com
2    2.19.85.30 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-85-30.deploy.static.akamaitechnologies.com
sync.teads.tv
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
36    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    54.87.70.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-70-183.compute-1.amazonaws.com
1x1.a-mo.net
34    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
2    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
12    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
Apex Domain
Subdomains		 Transfer
146 googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
00bd33c21fd21f2993a60e7dd9823991.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com
2 MB
98 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
708 KB
65 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
eus.rubiconproject.com — Cisco Umbrella Rank: 602
token.rubiconproject.com — Cisco Umbrella Rank: 458
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 10151
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
199 KB
46 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986
csm.eu.criteo.net — Cisco Umbrella Rank: 10557
695 KB
44 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2185
1 MB
36 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
936 KB
34 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
htlb.casalemedia.com — Cisco Umbrella Rank: 511
dsum.casalemedia.com — Cisco Umbrella Rank: 1396
22 KB
33 ksl.com
www.ksl.com — Cisco Umbrella Rank: 91761
static.ksl.com — Cisco Umbrella Rank: 95526
img.ksl.com — Cisco Umbrella Rank: 85419
media.ksl.com — Cisco Umbrella Rank: 168093
news-api.ksl.com — Cisco Umbrella Rank: 83691
messages-microservice.ksl.com — Cisco Umbrella Rank: 99785
797 KB
26 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
targeting.unrulymedia.com — Cisco Umbrella Rank: 792
2 KB
23 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
secure.adnxs.com — Cisco Umbrella Rank: 495
acdn.adnxs.com — Cisco Umbrella Rank: 609
35 KB
23 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502
ads.pubmatic.com — Cisco Umbrella Rank: 534
image6.pubmatic.com — Cisco Umbrella Rank: 823
image2.pubmatic.com — Cisco Umbrella Rank: 924
108 KB
22 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
1 MB
17 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
1x1.a-mo.net — Cisco Umbrella Rank: 2785
2 KB
17 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
ce.lijit.com — Cisco Umbrella Rank: 882
7 KB
15 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 931
apex.go.sonobi.com — Cisco Umbrella Rank: 1987
14 KB
13 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3773
casale-match.dotomi.com — Cisco Umbrella Rank: 3027
3 KB
13 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 657
3 KB
12 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1591
usersync.gumgum.com — Cisco Umbrella Rank: 2098
rtb.gumgum.com — Cisco Umbrella Rank: 1589
4 KB
12 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2437
public.servenobid.com — Cisco Umbrella Rank: 5174
8 KB
12 cloudfront.net
d3njgrq4uvb497.cloudfront.net
435 KB
10 cookiepro.com
cookie-cdn.cookiepro.com — Cisco Umbrella Rank: 6915
182 KB
10 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3040
www.google.com — Cisco Umbrella Rank: 2
3 KB
10 protectsubrev.com
app.protectsubrev.com — Cisco Umbrella Rank: 47815
pages.protectsubrev.com — Cisco Umbrella Rank: 50560
60 KB
9 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
3 KB
9 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
i6.liadm.com — Cisco Umbrella Rank: 2731
5 KB
9 saambaa.com
saambaa.com — Cisco Umbrella Rank: 22031
api.saambaa.com — Cisco Umbrella Rank: 24451
166 KB
9 ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 3744
data.privacy.ensighten.com — Cisco Umbrella Rank: 8840
76 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
dis.criteo.com — Cisco Umbrella Rank: 597
ads.eu.criteo.com — Cisco Umbrella Rank: 10450
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 17732
68 KB
8 openx.net
ksl-d.openx.net — Cisco Umbrella Rank: 145013
us-u.openx.net — Cisco Umbrella Rank: 522
59 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1287
q.stripe.com — Cisco Umbrella Rank: 7148
m.stripe.com — Cisco Umbrella Rank: 1249
157 KB
6 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
2 KB
6 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
1 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
42 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 599
cm.adform.net — Cisco Umbrella Rank: 1267
3 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
68 KB
5 durationmedia.net
tag.durationmedia.net — Cisco Umbrella Rank: 7819
be.durationmedia.net — Cisco Umbrella Rank: 7919
37 KB
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 592
1 KB
4 technoratimedia.com
deseret.technoratimedia.com — Cisco Umbrella Rank: 151270
ad-cdn.technoratimedia.com — Cisco Umbrella Rank: 5264
sync.technoratimedia.com — Cisco Umbrella Rank: 1617
7 KB
4 ingage.tech
ex.ingage.tech — Cisco Umbrella Rank: 9601
2 KB
3 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
2 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
1 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
2 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
445 B
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1245
pixel.quantserve.com — Cisco Umbrella Rank: 964
cms.quantserve.com — Cisco Umbrella Rank: 764
10 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
871 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
242 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1403
326 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 228
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
cdn.indexww.com — Cisco Umbrella Rank: 1531
2 KB
2 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 3851
wt.rqtrk.eu — Cisco Umbrella Rank: 1674
708 B
2 azureedge.net
saambaa-static.azureedge.net — Cisco Umbrella Rank: 27595
45 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
1 KB
2 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 904
575 B
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1354
16 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6862
515 B
2 rubyblu.com
static.rubyblu.com — Cisco Umbrella Rank: 85929
pixel.rubyblu.com — Cisco Umbrella Rank: 129647
9 KB
2 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 447
fonts.googleapis.com — Cisco Umbrella Rank: 31
126 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
5 KB
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2242
514 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1489
422 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4925
235 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1208
697 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1055
44 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
465 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
1 KB
1 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 5190
237 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
187 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
651 B
1 media.net
hbx.media.net — Cisco Umbrella Rank: 1337
287 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
35 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1439
274 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
434 B
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2460
370 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1545
160 B
1 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5267
526 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1212
633 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
4 KB
1 hexagon-analytics.com
hexagon-analytics.com — Cisco Umbrella Rank: 5403
297 B
1 siftscience.com
cdn.siftscience.com — Cisco Umbrella Rank: 9219
21 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1383
5 KB
1 twiliocdn.com
media.twiliocdn.com — Cisco Umbrella Rank: 26319
127 KB
1 revcatch.com
prebidads.revcatch.com — Cisco Umbrella Rank: 67321
7 KB
1 mouseflow.com
cdn.mouseflow.com — Cisco Umbrella Rank: 7012
19 KB
1 icptrack.com
click.icptrack.com — Cisco Umbrella Rank: 37008
245 B
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
833 86
Domain Requested by
106 pagead2.googlesyndication.com www.ksl.com
tpc.googlesyndication.com
tagan.adlightning.com
pagead2.googlesyndication.com
46 securepubads.g.doubleclick.net www.ksl.com
tagan.adlightning.com
d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com
44 tagan.adlightning.com www.ksl.com
tagan.adlightning.com
d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com
37 tpc.googlesyndication.com www.ksl.com
tagan.adlightning.com
d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com
36 s0.2mdn.net tagan.adlightning.com
s0.2mdn.net
34 imageproxy.eu.criteo.net ads.eu.criteo.com
25 targeting.unrulymedia.com saambaa.com
24 fastlane.rubiconproject.com saambaa.com
22 www.googletagservices.com www.ksl.com
tagan.adlightning.com
d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com
20 ib.adnxs.com 4 redirects saambaa.com
acdn.adnxs.com
googleads.g.doubleclick.net
20 eus.rubiconproject.com public.servenobid.com
ex.ingage.tech
eus.rubiconproject.com
g2.gumgum.com
tagan.adlightning.com
www.ksl.com
20 cm.g.doubleclick.net 16 redirects g2.gumgum.com
googleads.g.doubleclick.net
18 googleads.g.doubleclick.net tagan.adlightning.com
16 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
15 ap.lijit.com www.ksl.com
public.servenobid.com
saambaa.com
tagan.adlightning.com
14 prebid.a-mo.net 1 redirects saambaa.com
tagan.adlightning.com
14 static.ksl.com www.ksl.com
static.ksl.com
13 ads.yieldmo.com saambaa.com
tagan.adlightning.com
13 hbopenbid.pubmatic.com www.ksl.com
saambaa.com
12 googleads4.g.doubleclick.net tagan.adlightning.com
12 htlb.casalemedia.com saambaa.com
12 apex.go.sonobi.com saambaa.com
12 web.hb.ad.cpe.dotomi.com saambaa.com
12 d3njgrq4uvb497.cloudfront.net www.ksl.com
d3njgrq4uvb497.cloudfront.net
11 token.rubiconproject.com 1 redirects eus.rubiconproject.com
11 ads.servenobid.com www.ksl.com
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
ssbsync.smartadserver.com
10 usersync.gumgum.com g2.gumgum.com
10 static.criteo.net www.ksl.com
ads.eu.criteo.com
10 cookie-cdn.cookiepro.com www.ksl.com
10 img.ksl.com www.ksl.com
d3njgrq4uvb497.cloudfront.net
9 x.bidswitch.net 6 redirects g2.gumgum.com
ssum-sec.casalemedia.com
8 www.google.com www.ksl.com
tagan.adlightning.com
d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com
7 i.liadm.com 6 redirects ssum-sec.casalemedia.com
7 saambaa.com tagan.adlightning.com
www.ksl.com
7 data.privacy.ensighten.com www.ksl.com
6 beacon-ams3.rubiconproject.com tagan.adlightning.com
6 ads.pubmatic.com tagan.adlightning.com
www.ksl.com
public.servenobid.com
g2.gumgum.com
6 app.protectsubrev.com www.ksl.com
6 www.google-analytics.com www.ksl.com
tagan.adlightning.com
cdn.jsdelivr.net
6 www.ksl.com 1 redirects www.ksl.com
5 ssum-sec.casalemedia.com 1 redirects www.ksl.com
ssum-sec.casalemedia.com
public.servenobid.com
js-sec.indexww.com
4 creativecdn.com 4 redirects
4 c1.adform.net 4 redirects
4 us-u.openx.net 2 redirects googleads.g.doubleclick.net
4 ups.analytics.yahoo.com public.servenobid.com
ssum-sec.casalemedia.com
googleads.g.doubleclick.net
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
4 ksl-d.openx.net www.ksl.com
4 ex.ingage.tech www.ksl.com
ssum-sec.casalemedia.com
4 pages.protectsubrev.com www.ksl.com
4 be.durationmedia.net www.ksl.com
3 1x1.a-mo.net
3 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
3 bh.contextweb.com 2 redirects
3 b1sync.zemanta.com 2 redirects ssbsync.smartadserver.com
3 sync.go.sonobi.com public.servenobid.com
3 sync.1rx.io 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 ssbsync.smartadserver.com 1 redirects ssum-sec.casalemedia.com
public.servenobid.com
3 match.adsrvr.org ssum-sec.casalemedia.com
g2.gumgum.com
3 image6.pubmatic.com ads.pubmatic.com
googleads.g.doubleclick.net
3 q.stripe.com www.ksl.com
3 match.prod.bidr.io 2 redirects www.ksl.com
3 js.stripe.com www.ksl.com
js.stripe.com
3 www.googletagmanager.com www.ksl.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 sync.teads.tv googleads.g.doubleclick.net
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com tagan.adlightning.com
2 secure.adnxs.com 2 redirects
2 saambaa-static.azureedge.net www.ksl.com
2 p.rfihub.com 2 redirects
2 ce.lijit.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
2 trace.mediago.io 2 redirects
2 i6.liadm.com ssum-sec.casalemedia.com
2 dis.criteo.com 2 redirects
2 api.saambaa.com tagan.adlightning.com
saambaa.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 gum.criteo.com 1 redirects www.ksl.com
2 deseret.technoratimedia.com www.ksl.com
2 www.google.de www.ksl.com
2 stats.g.doubleclick.net www.ksl.com
2 region1.analytics.google.com www.ksl.com
2 nexus.ensighten.com www.ksl.com
1 rtb.fr3.eu.criteo.com d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 image2.pubmatic.com googleads.g.doubleclick.net
1 pixel.rubiconproject.com googleads.g.doubleclick.net
1 ads.eu.criteo.com d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 match.adsby.bidtheatre.com 1 redirects
1 s.company-target.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 cm.adform.net googleads.g.doubleclick.net
1 ad.yieldlab.net googleads.g.doubleclick.net
1 js-sec.indexww.com tagan.adlightning.com
1 acdn.adnxs.com tagan.adlightning.com
1 pixel.rubyblu.com www.ksl.com
1 tg.socdm.com 1 redirects
1 rtb.gumgum.com g2.gumgum.com
1 wt.rqtrk.eu ssbsync.smartadserver.com
1 ws.rqtrk.eu 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 u.ipw.metadsp.co.uk 1 redirects
1 pixel-sync.sitescout.com ssum-sec.casalemedia.com
1 cms.quantserve.com 1 redirects
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 sync.technoratimedia.com
1 pixel.quantserve.com www.ksl.com
1 hbx.media.net 1 redirects
1 match.sharethrough.com public.servenobid.com
1 ssp.disqus.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 ad.turn.com 1 redirects
1 cs-server-s2s.yellowblue.io public.servenobid.com
1 sync.adkernel.com public.servenobid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 onetag-sys.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 ad-cdn.technoratimedia.com www.ksl.com
1 public.servenobid.com www.ksl.com
1 rules.quantcount.com tagan.adlightning.com
1 secure.quantserve.com tagan.adlightning.com
1 cdn.jsdelivr.net tagan.adlightning.com
1 fonts.googleapis.com tagan.adlightning.com
1 c.amazon-adsystem.com www.ksl.com
1 m.stripe.com m.stripe.network
1 hexagon-analytics.com
1 messages-microservice.ksl.com www.ksl.com
1 cdn.siftscience.com www.ksl.com
1 00bd33c21fd21f2993a60e7dd9823991.safeframe.googlesyndication.com www.ksl.com
1 mug.criteo.com www.ksl.com
1 cdn-ima.33across.com www.ksl.com
1 news-api.ksl.com www.ksl.com
1 media.twiliocdn.com www.ksl.com
1 static.rubyblu.com www.ksl.com
1 prebidads.revcatch.com www.ksl.com
1 tag.durationmedia.net www.ksl.com
1 cdn.mouseflow.com www.ksl.com
1 media.ksl.com www.ksl.com
1 imasdk.googleapis.com www.ksl.com
1 click.icptrack.com 1 redirects
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
833 147
Subject Issuer Validity Valid
*.ksl.com
Go Daddy Secure Certificate Authority - G2		 2023-05-18 -
2024-06-17		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
nexus.ensighten.com
Amazon RSA 2048 M02		 2023-09-29 -
2024-10-27		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
cdn.mouseflow.com
Cloudflare Inc ECC CA-3		 2023-10-25 -
2024-10-23		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-30 -
2024-01-25		 3 months crt.sh
*.durationmedia.net
Amazon RSA 2048 M02		 2023-10-11 -
2024-11-07		 a year crt.sh
revcatch.com
GTS CA 1P5		 2023-09-24 -
2023-12-23		 3 months crt.sh
ads.rubyblu.com
GTS CA 1D4		 2023-09-16 -
2023-12-15		 3 months crt.sh
*.privacy.ensighten.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-03 -
2024-02-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-07-08 -
2024-08-05		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-08-30 -
2024-08-29		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.ingage.tech
Sectigo RSA Organization Validation Secure Server CA		 2023-07-28 -
2024-08-11		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.technoratimedia.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-12 -
2024-09-16		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
cookiepro.com
Cloudflare Inc ECC CA-3		 2023-03-20 -
2024-03-19		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.siftscience.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-10 -
2024-02-10		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-10-09 -
2024-01-18		 3 months crt.sh
*.hexagon-analytics.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-31 -
2023-12-01		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-05 -
2024-01-18		 3 months crt.sh
*.saambaa.com
Go Daddy Secure Certificate Authority - G2		 2023-04-03 -
2024-05-04		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2023-07-16 -
2024-07-16		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-16 -
2024-09-05		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
www.rubyblu.com
R3		 2023-11-09 -
2024-02-07		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-08-31 -
2024-09-28		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2023-12-23		 3 months crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-30 -
2023-12-25		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-17 -
2024-01-18		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-07 -
2023-12-30		 3 months crt.sh

This page contains 93 frames:

Primary Page: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Frame ID: C49ED423D41DFEC108B4BC600194E201
Requests: 125 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ksl.com
Frame ID: 2D3A50D32F97A0CFDEED79BB8E1A2D8A
Requests: 2 HTTP requests in this frame

Frame: https://00bd33c21fd21f2993a60e7dd9823991.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F21443F5E14A339E3F7478608E66575F
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 6B751CB56BBC3A4EBBBA3C9ED3AB3417
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: D6AB7E3D01FAF3303A118400EE3B7FF8
Requests: 4 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Frame ID: 595EE18D0411B8780D57F57237B8DE5C
Requests: 203 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Frame ID: 34ED72B704DF6D9BFBF4C02B37C29351
Requests: 8 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Frame ID: ADDC7E2C93BA2805E35867B38B262D28
Requests: 9 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Frame ID: 82E4B90E2BF81975C4A943D062BECB20
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F17AE6906D0D673B0A20259EE94B7C5F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CD041FD43AB39C7819171262CF7E0BDC
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 3BD8B0B634E08DFADD23B10B310B0142
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Frame ID: 733D71BB308701AE3574A6A7CCF5287A
Requests: 4 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2F29bccf64-7590-4da7-9795-e8390147c0fe%3Fuid%3D%24UID
Frame ID: 6D7393A1B2CA787F27826294DE174506
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F29bccf64-7590-4da7-9795-e8390147c0fe%3Fuid%3DPM_UID
Frame ID: 6E44BD667F157E47A580CC738CD9D999
Requests: 2 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.24.0
Frame ID: E5B869CA0115A8D817D54C5E3C69AD25
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Frame ID: 94E10979A400C907C0863BB2DCADBA43
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F29bccf64-7590-4da7-9795-e8390147c0fe%3Fuid%3D&s=192379&C=1
Frame ID: C8BE5272999B257B23B0A46B636C2B7C
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html
Frame ID: F13E12807FC9BD21FCDC68FD6498AAF9
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 78A6A748378A8AA25DAE7C3ADF0785F2
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 4AEA2F7DFC98C5F9FF7578EE56DEB120
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 2A078C367EBB2AC35EF46835DA6317DA
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: DDB7069C864C10FFD51CA5E105E115B7
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 930ED3370CE4533C55B69F686356795F
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: FA8C2A95B9BD552DE559384A2F3885E2
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 06ABD583D6AFA313F5101BD75BE53633
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 82E2F766B35D7C2A458D451E16F193D6
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 442AA53C7ED74571257A270FEE2020EF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6200089548495652&output=html&adk=1812271804&adf=3279755400&lmt=1699633972&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x810_r&format=0x0&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699633972251&bpp=13&bdt=2370&idt=283&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&cookie=ID%3D844df475bb5eeae6%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_MYcLTca-AldOlRnbxNPEw1wJlqeQQ&gpic=UID%3D00000cbf89a7250f%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_Mbx_oj8txuoS4whmloLukh8SlDFiw&nras=1&correlator=1920673714118&frm=23&ife=4&pv=2&ga_vid=233581687.1699633968&ga_sid=1699633973&ga_hid=1249276230&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=90&ifk=3119622773&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079404%2C44795922%2C44801485%2C44807460%2C31078301%2C44807754%2C44806141%2C44807763%2C44808149%2C44808285&oid=2&pvsid=917218608026602&tmod=1047880390&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hqpvaisid5oe&fsb=1&dtd=352
Frame ID: 49AEFB4452598336A2881AB42EB8EA7D
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=5851998803673849921&gdpr=0&gdpr_consent=
Frame ID: 739727EC6B74C10865350516D7045A2E
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80OTJhMGRkMy02MWNhLTRkMWMtYTNhOC04OTdiZjE0ZmNhYmI=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 5269E39DB450D8F1DFAB6C6AA8FDE5BE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: A1BC7224DD1EFEEA13F6E8BC547CADED
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 47CE579C9C2472D14A2C65AFD7B44880
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZU5bNcCo5s4AACRPt9cAAAAA
Frame ID: D0F4290753BC5C5FB787CB91DD78BF9D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=gVTAiOMn0WWeadP1g58M&pi=gumgum&tc=1
Frame ID: 9B77FA9927DC5E916A5A6AF5F5CCB776
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 90F9A5459533FC1E11BBAFCA6B632575
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E470E9AFFD993F66139DC4D92D149761
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 089D1B922D32BF398A1CB449A22770BF
Requests: 2 HTTP requests in this frame

Frame: https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 78ECDF3F37DF87C6053598FDC071472C
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/bl-34df212-770f4526.js
Frame ID: 6281E96409D4AF3283B384EF64DBC097
Requests: 13 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/bl-34df212-770f4526.js
Frame ID: 3286271960F9FC8C03E8DFBD7B390359
Requests: 13 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/bl-34df212-770f4526.js
Frame ID: FBEBC0DBC811A4C4341100D4BF048FC0
Requests: 13 HTTP requests in this frame

Frame: https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 2FD274585691C26AA8BEF8FAA32036B0
Requests: 14 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/bl-34df212-770f4526.js
Frame ID: B3AD9F68631C4554576C80C949798DF0
Requests: 24 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/bl-34df212-770f4526.js
Frame ID: 4F423C0C8C88F5B267779ECDA39FAB67
Requests: 24 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/bl-34df212-770f4526.js
Frame ID: 0429DE1D30D79B5DE8E6FDB380B958CA
Requests: 24 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/bl-34df212-770f4526.js
Frame ID: 952C046FC52BF8602EE3B05B140CC4A4
Requests: 24 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/bl-34df212-770f4526.js
Frame ID: 9D4B6EE86B12FE38D9446680117400C1
Requests: 24 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Frame ID: E7EAA6993B981394244114950AC11DF0
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 29964CCC30EA9D70C6B139E723C1134A
Requests: 3 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 8C1DBD090B1E58EDF7C154424784D64C
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13401719
Frame ID: 16AA7ED2B9431205ED840564BF79CAA2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 31CD25D753AED458269E12B1EF36B251
Requests: 3 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: D15233E7B0FD64E2759E358E091FAE1F
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9C9D237476F457FF3424FA074A4E75B0
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/bl-34df212-770f4526.js
Frame ID: E70462D5C5F2048BFC2CD4CCB95FF4A4
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNX4YcD2Y9JqArwyDe9bmSdnRGKT4R-ddOTwcO8gXWSr_0SRawYhKEM-iZUMwYFGnywu47zsnM2wuNS3kZZ-kJSOaoe3GATe-4WcjPuoeNFn3fB4vDHofmTLHmUcEVy7iUwdCqJHPCapOQwKjJmYh3iuj5VvZ6-QLfzFz2BwZHstsBKO55s
Frame ID: B14C1AF0A328E2525A897B6224224907
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNU3Ex7r0KD8SYpB0cWRwkr76QH6CTpNrT8ZzebPpOtvXU4zoLySosh7PJJFTW1ZsF0dVB8jbs_McFDoCVtbvk1LY4ucotZfOugtxJYBRAynO21XkpRYcJ4nyInACAEUnHwSs4nAbdTX67hzwKiUtinIDIGBrHs0dyPYXud4jwxVZie4BNU
Frame ID: 2FB1DA07FDDBCF6E67D1EEF297E6ADD3
Requests: 5 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ksl.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 3B231B049F0283E3647B3ADA41A3E683
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNUTQTuAQfc0Fz5HSHUgNpusmupoIjr1jiq0SRcyAmxtyKPRlf7ore6jGM8kK3f50E9XK9OBX1MtarN52W2Mxr7hB568ajIWYZMvSO5iGrRK0_uQ9caehawDldTUnYKCdrZW90ptnmoj4oYfty2NYoD_xOMHZ3g0MHgC_IqCPrSxCFN67uo
Frame ID: 0B7D5BA872024E256B783B12998A34A5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNXBd0Swzb6FhTMN9I0ZcdI-MoasU02ayK6JPxwT1vdnDJKJHXtB7S-C6f2bkiROdFD3aEuLb-O-Z_mcHeelQBpRFJ3QXhCeA2KO8RL1Vsksy4a7VoZG5O80ZG1XBYTZiWEDpRWEnvWZrpPj-id6lS8dsML5rqr7_H5AM8owmItEzMNPJmY
Frame ID: 5E9040AF2F2F0D1591ABD18B917F4279
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNW88wyuiYRiK50e18lDI3KNJhWgyK5tkx5HOUay8kgw8ihucUspKnd2I0WINByZnJjhH9QM2pYvx5WlxBqbu2zhdq2FMB9-qp3HZMwyhN1Y-5ABUdaVWdPyPbAlvZAw2FF0IDSsYxM24dfoX5ciZZVT66CVOfKfc9SwJpmldbOTBXNmoLc
Frame ID: 6F3E5027A5A19D6F6B79BCAD524C5655
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Frame ID: 5CBDE336BD0D26E5140C1AF4718CBF06
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNXRmff6qLoY80dZn04TXjc5lHo3H68ASY5sI_FIwsDgHZUXeVN8Ue7Fa7EWu9h9YcocUAjiN-T8_g3jyI2KfBsXAZfUfoCxWw3CsmYSSRoC_WwqDg31Ceppx7heY5u-CNfe5gKNJWtuP19gOFCFVlUz8Cmr8MFc67T8o8WJv2DCDA_ZDt0
Frame ID: B1F8D9722EB4EDC667A0240B3EE2D543
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=90&slotname=RON_728x90_House&adk=3207061216&adf=4198790041&pi=t.ma~as.RON_728x90_House&w=728&lmt=1699633980&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699633975518&bpp=2327&bdt=1781&idt=5089&shv=r20231108&mjsv=m202311020101&ptt=5&saldr=sd&cookie=ID%3D844df475bb5eeae6%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_MYcLTca-AldOlRnbxNPEw1wJlqeQQ&gpic=UID%3D00000cbf89a7250f%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_Mbx_oj8txuoS4whmloLukh8SlDFiw&correlator=1920673714118&frm=23&ife=4&pv=2&ga_vid=233581687.1699633968&ga_sid=1699633981&ga_hid=2063222202&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=154&biw=1600&bih=1200&isw=728&ish=90&ifk=3442814441&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079408%2C44785295%2C44798934%2C44807464%2C31078297%2C44806141%2C44807763%2C44808149%2C44808285&oid=2&pvsid=4431859809604424&tmod=936028158&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.o62v4moigkqd&fsb=1&dtd=5110
Frame ID: A58031984C523B0C1848088C5948FC90
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=90&slotname=RON_728x90_House&adk=3207061216&adf=4198791072&pi=t.ma~as.RON_728x90_House&w=728&lmt=1699633980&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699633976212&bpp=1736&bdt=2076&idt=4514&shv=r20231108&mjsv=m202311060101&ptt=5&saldr=sd&cookie=ID%3D844df475bb5eeae6%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_MYcLTca-AldOlRnbxNPEw1wJlqeQQ&gpic=UID%3D00000cbf89a7250f%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_Mbx_oj8txuoS4whmloLukh8SlDFiw&correlator=1920673714118&frm=23&ife=4&pv=1&ga_vid=233581687.1699633968&ga_sid=1699633981&ga_hid=1726719659&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=154&biw=1600&bih=1200&isw=728&ish=90&ifk=3502648046&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079402%2C42531705%2C44807464%2C31078301%2C31079474%2C42532361%2C44806141%2C44807763%2C44808149%2C44808285%2C31079474&oid=2&pvsid=3362637149359268&tmod=114575168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.qv98arkg62hv&fsb=1&dtd=4535
Frame ID: F9630F98F29F10261D307B1BA136BDAA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=90&slotname=RON_728x90_House&adk=3207061216&adf=4198791691&pi=t.ma~as.RON_728x90_House&w=728&lmt=1699633980&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699633976374&bpp=2279&bdt=2115&idt=4466&shv=r20231108&mjsv=m202311060101&ptt=5&saldr=sd&cookie=ID%3D844df475bb5eeae6%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_MYcLTca-AldOlRnbxNPEw1wJlqeQQ&gpic=UID%3D00000cbf89a7250f%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_Mbx_oj8txuoS4whmloLukh8SlDFiw&correlator=1920673714118&frm=23&ife=4&pv=1&ga_vid=233581687.1699633968&ga_sid=1699633981&ga_hid=1491613026&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=154&biw=1600&bih=1200&isw=728&ish=90&ifk=2341572618&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44807461%2C31078297%2C31079474%2C44806141%2C44807763%2C44808149%2C44808285&oid=2&pvsid=2311475159034933&tmod=677826995&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.zdcmj3aujxvb&fsb=1&dtd=4476
Frame ID: B9124ACA9057CD3CE4E109576FC5F856
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 5FDDB74ED7B3C8AE896900A154A63481
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: CC8C6E5FDF20ACBBDED5FC12F97EAA4D
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: ABFD8BB26F3BFAA08D0CA6B4A1304AA2
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 957651C23C252C31DF010C34171BB938
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 45E84A81A67B1D7C3CB4216035C8EFA0
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Frame ID: 2F5EA0EDCD3E0A236180C2042CB21DAB
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Frame ID: 391325A65E6F391DE8C459E450EBB2DE
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 04D7437047FC34B3F00E212EF8EB1804
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Frame ID: F1661FD7D3A0A6FE7FBC336143E07A47
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Frame ID: 02F75FBF0A2255BB7E8AFE7A69223028
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 807C755CC5A99BFE856F9A7964B62B0F
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Frame ID: 09CA6A4AFE93E72BADF1BF9A8BE0BDA6
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 703C8201259E37A334EE3ACCEC365095
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4C8488614B6A868B6554E0D69740B361
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 877C015080B850978AF98C9A1C86E5CF
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Frame ID: 76B312E39FE57A89C35857248268E4CC
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 43273A3CE9C0336965898576C83131C4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 62D50B87D02CFCFABB0C6D31A0408933
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E576BECED78C9095BE5BC0B09122266F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 617D9D540063E8DCBA957B9AF47F5B7F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C9EBE62A2400EB2948C6627D0CC11EFB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AFF9AFDA5FFFB8CF5FF741F15BE5F664
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 86A8320FFDFABC1D8F8D27E72E1B09C1
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1B5961E4BEDD607F90D4973413CACDD1
Requests: 2 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/bl-34df212-770f4526.js
Frame ID: 8A33198D25C222CFA3199F8CBB716B31
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=90&slotname=RON_728x90_House&adk=3207061216&adf=3176501634&pi=t.ma~as.RON_728x90_House&w=728&lmt=1699633991&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699633989944&bpp=989&bdt=1345&idt=1385&shv=r20231108&mjsv=m202311020101&ptt=5&saldr=sd&cookie=ID%3D844df475bb5eeae6%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_MYcLTca-AldOlRnbxNPEw1wJlqeQQ&gpic=UID%3D00000cbf89a7250f%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_Mbx_oj8txuoS4whmloLukh8SlDFiw&correlator=1920673714118&frm=23&ife=4&pv=1&ga_vid=233581687.1699633968&ga_sid=1699633991&ga_hid=1715535032&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=90&ifk=4264501926&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079403%2C44785295%2C44807460%2C31078301%2C44806141%2C44807763%2C44808149%2C44808285%2C31079570&oid=2&pvsid=3658683040949401&tmod=1343131426&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4zreri8o2bwy&fsb=1&dtd=1522
Frame ID: 68FD71C0096562A18F9D4C50A036E96B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

1.1M-pound historic steam train to return to Utah during 2024 tour | KSL.comKSL homepageKSL homepageMessages (0)account - logged outSupportKSL homepageKSL homepageclose sub menucheck marksearchMessages (0)account - logged outSupportBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. https://click.icptrack.com/icp/relay.php?r=5223162&msgid=17076&act=3BE5&c=1910463&pid=2... HTTP 302
    https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-202... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //nexus\.ensighten\.com/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • cdn\.mouseflow\.com
Overall confidence: 100%
Detected patterns
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • cdn\.sift(?:science)?\.com/s\.js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

833
Requests

92 %
HTTPS

35 %
IPv6

86
Domains

147
Subdomains

110
IPs

11
Countries

10103 kB
Transfer

26614 kB
Size

96
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.icptrack.com/icp/relay.php?r=5223162&msgid=17076&act=3BE5&c=1910463&pid=235883&destination=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&cf=5402&v=bc2c14405ee1f90de484425aa71638df80d3eb5120e03d916b49213f90e1c9d6 HTTP 302
    https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.ksl.com/ensighten_news HTTP 307
  • https://nexus.ensighten.com/deseretdigital/ksl-com/Bootstrap.js
Request Chain 56
  • https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.hdn6ukvhgwn1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.hdn6ukvhgwn1&_bee_ppp=1
Request Chain 96
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=ksl.com&sn=ChromeSyncframe&so=0&topUrl=www.ksl.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Ftv4znxRQjV6c1cwOFkzNDlyZWRYVXoyT3Bvc3JCRmRPUW81WmFQSTlHa3JNUVlhY0JWSTRxYzhYQ3Y5cWVxVEhBb2dYcDh6TzRDaVNyS01GYlNMd0tTMHpQT3c3NW9Ya0NhVmVHNi9Ja3FTcGswYzhyMHkxcnJEUkRUNWJUNUR4YnU2ZEEyOENPcVdubG10d2VVSUhHb1FxNXFhZWJOdFYvaFBxNTN5RWxBSExDVTI5d1oyamVSQXVzYkhwZEdkL3dmZGpwQUhhUXlzcGs3ckV1bElWenR3Vm5jUkxVems0WG5lWlYwQ2RsSDcxRDVFMWxYcEhQaGJMY3dWM1dWODFRa0lvTzI5c2pYN0E2Ry9pUFdaUEpoWEtoZz09fA&cppv=2
Request Chain 191
  • https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F29bccf64-7590-4da7-9795-e8390147c0fe%3Fuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F29bccf64-7590-4da7-9795-e8390147c0fe%3Fuid%3D&s=192379&C=1
Request Chain 195
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZU5bNKWNMtQWX-mrcXnT-AAABHYAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZU5bNKWNMtQWX-mrcXnT-AAABHYAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 196
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZU5bNKWNMtQWX-mrcXnT-AAABHYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJ9ReLaudqx3vopoe42tqoU&google_cver=1
Request Chain 198
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZU5bNKWNMtQWX.mrcXnT.AAA%261142&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZU5bNKWNMtQWX.mrcXnT.AAA%261142&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=b41fc7c6d2724d1696f74dc59f9d816c HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-Gx6usKoqZNc3l_Pi9JCYfWzgzaFo3V6XJygOdQ HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-Gx6usKoqZNc3l_Pi9JCYfWzgzaFo3V6XJygOdQ
Request Chain 199
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZU5bNKWNMtQWX.mrcXnT.AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJc5RUAXI-FJYCXFgIzU1vE&google_cver=1&google_hm=2
Request Chain 200
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=4df39c4938dcbb3027p2i400losu6mnf
Request Chain 208
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 213
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=7265742245611248552
Request Chain 214
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HokAsRZHabiHgYW-QmeohwKU
Request Chain 216
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1699633972504 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=192310429 HTTP 302
  • https://sync.1rx.io/usersync/turn/3817330636728049063?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7b545757-4080-48e8-b12d-ce9ee5f1f051-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-7b545757-4080-48e8-b12d-ce9ee5f1f051-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-7b545757-4080-48e8-b12d-ce9ee5f1f051-003
Request Chain 217
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5144588527380379815
Request Chain 219
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 221
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-22c03961-f514-3628-ae79-e36580725b6b
Request Chain 224
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 225
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator HTTP 301
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Request Chain 233
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZU5bNKWNMtQWX.mrcXnT.AAA%261142&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZU5bNKWNMtQWX.mrcXnT.AAA%261142&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=ae222ae96e014618b11a8c15aa86f175 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-Gx6usKoqZNc3l_Pi9JCYfWzgzaFo3V6XJygOdQ HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-Gx6usKoqZNc3l_Pi9JCYfWzgzaFo3V6XJygOdQ
Request Chain 234
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7265742245611248552
Request Chain 236
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=y9qIfMiNjy3Q2N16nouRf8XYiynQ1oogm9mGZyrR
Request Chain 237
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=4df39c498269a9482f5cvc00losu6mng
Request Chain 239
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZU5bNKWNMtQWX-mrcXnT-AAABHYAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZU5bNKWNMtQWX-mrcXnT-AAABHYAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 247
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7265742245611248552
Request Chain 248
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_492a0dd3-61ca-4d1c-a3a8-897bf14fcabb&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_492a0dd3-61ca-4d1c-a3a8-897bf14fcabb&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=d895ada4-f3f6-42f9-a3c9-0e0155e2744b&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=d895ada4-f3f6-42f9-a3c9-0e0155e2744b
Request Chain 249
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=2532ac02-8fe3-4cfe-b2d1-a5408e63aa01
Request Chain 250
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-9c32c789-6543-54f2-65be-a04596db0b1b$ip$185.213.155.177
Request Chain 251
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-mu_DmDZE2pcVha0uCGl50tLZyS6dwl_PmIqN~A
Request Chain 252
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=e4a0583d-fb42-4352-b9f6-68e136968548
Request Chain 254
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_492a0dd3-61ca-4d1c-a3a8-897bf14fcabb&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_492a0dd3-61ca-4d1c-a3a8-897bf14fcabb&s=2&us_privacy=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=dBv8kTB4gYsc-6473UTy&gdpr=0&us_privacy=1---
Request Chain 255
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=jWF5jxgEwbNT&ev=1&pid=558355
Request Chain 256
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=3176850909799481346
Request Chain 260
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=1760102417468539209&gdpr=0&gdpr_consent=
Request Chain 261
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=smartadserver&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=smartadserver HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=d895ada4-f3f6-42f9-a3c9-0e0155e2744b&gdpr=0&gdpr_consent=
Request Chain 262
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26uid%3DSMART_USER_ID%26gdpr_pd%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=3176850909799481346&gdpr_pd=0&gdpr=0&gdpr_consent=
Request Chain 263
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=5851998803673849921&gdpr=0&gdpr_consent=
Request Chain 267
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZU5bNcCo5s4AACRPt9cAAAAA
Request Chain 268
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=gVTAiOMn0WWeadP1g58M&pi=gumgum&tc=1
Request Chain 269
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 480
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=d895ada4-f3f6-42f9-a3c9-0e0155e2744b&google_hm=ZDg5NWFkYTQtZjNmNi00MmY5LWEzYzktMGUwMTU1ZTI3NDRi HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEE3DzKvWwrdtD8SsxPcPFhI&google_cver=1&ssp=sonobi&bsw_param=d895ada4-f3f6-42f9-a3c9-0e0155e2744b
Request Chain 482
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=e1ccfa44-3b45-423b-807b-32f2c7364f55&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=a1RPSUoyaVBuRmNJYktiUFY1SURlQQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEOqeJHxLtuAAZdXbaR1ktkg&google_cver=1
Request Chain 483
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5144588527380379815
Request Chain 484
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=gVTAiOMn0WWeadP1g58M&pi=sonobi
Request Chain 505
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEGjIps-fTvXCrFY6BI3qfpI&google_cver=1
Request Chain 506
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEDmAL7mR5GfOyj-p74tXLiI&google_cver=1&adform_v=1
Request Chain 529
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc5RUAXI-FJYCXFgIzU1vE&google_cver=1
Request Chain 530
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZU5bNKWNMtQWX.mrcXnT.AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc5RUAXI-FJYCXFgIzU1vE&google_cver=1&google_hm=2
Request Chain 531
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBc8n-Zc8fAMdKQpl7iV_vc&google_cver=1
Request Chain 532
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI2NTc0MjI0NTYxMTI0ODU1Mg%3D%3D
Request Chain 537
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABxIU7KnLYAABPvo4Dr7g&expiration=1700843579
Request Chain 538
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1699720379
Request Chain 539
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715358779&external_user_id=d11ecf12-2628-4170-a9d1-932852cb0ece
Request Chain 540
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZU5bNKWNMtQWX.mrcXnT.AAA%261142 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=gVTAiOMn0WWeadP1g58M&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZU5bNKWNMtQWX.mrcXnT.AAA%261142
Request Chain 541
  • https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZU5bNKWNMtQWX.mrcXnT.AAA%261142 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=6d1d0106-ae9c-47d6-a7fa-bdf5a45a9c2c
Request Chain 543
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZU5bNKWNMtQWX.mrcXnT.AAA%261142?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZU5bNKWNMtQWX.mrcXnT.AAA%261142
Request Chain 545
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc5RUAXI-FJYCXFgIzU1vE&google_cver=1
Request Chain 546
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZU5bNKWNMtQWX.mrcXnT.AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc5RUAXI-FJYCXFgIzU1vE&google_cver=1&google_hm=2
Request Chain 547
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBc8n-Zc8fAMdKQpl7iV_vc&google_cver=1
Request Chain 548
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI2NTc0MjI0NTYxMTI0ODU1Mg%3D%3D
Request Chain 563
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGvuhy9smxJoeuE_Svnq2wQ&google_cver=1
Request Chain 564
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjE1MDllMjk5ODlhYjdiMDgxMjlkYzg4YzA1NjI2NTI4NjkzMDliNg
Request Chain 565
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJLjcebcWUCWaqcxsN4RjMc&google_cver=1
Request Chain 584
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_dbm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEE6JZyRyXEiqnGFifR2L698&google_cver=1
Request Chain 586
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESENEnwQ8FQZREGSljXGLyzVU&google_cver=1
Request Chain 639
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELxjf505YBXpKM9eEw1C9_A&google_cver=1

833 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
www.ksl.com/article/50775684/
Redirect Chain
  • https://click.icptrack.com/icp/relay.php?r=5223162&msgid=17076&act=3BE5&c=1910463&pid=235883&destination=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-stea...
  • https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
115 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.201 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
ksl.com
Software
Apache /
Resource Hash
7a4f6b27d0e9d490d98fd5367f212502d1bee2721748e624e6ad09e6d744f3c4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000;
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, must-revalidate, private
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 10 Nov 2023 16:32:46 GMT
Expires
Fri, 10 Nov 2023 16:32:46 GMT
Keep-Alive
timeout=1, max=100
Server
Apache
Strict-Transport-Security
max-age=2592000;
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
X-Server
b04

Redirect headers

access-control-allow-origin
https://ui.icontact.com
cf-cache-status
DYNAMIC
cf-ray
823fb17bfc525c02-FRA
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 10 Nov 2023 16:32:45 GMT
location
https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
server
cloudflare
x-cnection
close
x-robots-tag
noindex, nofollow
Bootstrap.js
nexus.ensighten.com/deseretdigital/ksl-com/
Redirect Chain
  • https://www.ksl.com/ensighten_news
  • https://nexus.ensighten.com/deseretdigital/ksl-com/Bootstrap.js
396 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/deseretdigital/ksl-com/Bootstrap.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Server
2600:9000:206f:d800:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
bb3bd313dfdb8ac7deabede8f1fe034c006ec3d7e67eb8017dfcb01b4f7a25c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 21:33:01 GMT
x-amz-version-id
ygG8W3G4C1zOaeR490Ck4SljbBm3E71y
content-encoding
br
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
68386
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 09 Nov 2023 21:32:39 GMT
server
CloudFront
etag
W/"d20af37c97c55aa573e0326ffaf94892"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
RWGbzIzLCLldurWsadPKTbj6f4BGJDn1ZG1ptX720-KUn-akPCH-4A==

Redirect headers

Date
Fri, 10 Nov 2023 16:32:46 GMT
Strict-Transport-Security
max-age=2592000;
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Location
https://nexus.ensighten.com/deseretdigital/ksl-com/Bootstrap.js
Cache-Control
max-age=300
Connection
Keep-Alive
Keep-Alive
timeout=1, max=100
Content-Length
273
Expires
Fri, 10 Nov 2023 16:37:46 GMT
styles--ksl-f14a.css
d3njgrq4uvb497.cloudfront.net/ 		83 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/styles--ksl-f14a.css
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.78.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-78-146.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e0a92f4f9ddb4870341490a478a903eff292f2652a6739aba6a20fe0d85943d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:16:29 GMT
content-encoding
gzip
via
1.1 218c6128df18321f9758e53ccc351448.cloudfront.net (CloudFront)
last-modified
Thu, 09 Nov 2023 13:43:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
90978
etag
W/"7313fa34d65409fa20c8881509a6083e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=31536000, max-age=31536000
x-amz-cf-id
rVkIPQn6VVSyeHR3lvv7riHjvz4QFuoLEB0y7rCjsFaYbdOWJvD5OQ==
ksl-header.css
static.ksl.com/ksl-responsive-header/ 		62 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/ksl-responsive-header/ksl-header.css
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
02eb04d67c2aa1fc80a323c7aa6d9a0ffebaf83c9bb6effeb3b57b9ce2669b7f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:20:08 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
758
x-cache
img01 Hit from varnish
content-length
7087
last-modified
Thu, 09 Nov 2023 17:19:17 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
x-varnish
486843957 484438391
cache-control
s-maxage=3600, max-age=3600
x-server
v34
accept-ranges
bytes
expires
Fri, 10 Nov 2023 16:25:08 GMT
serverComponent.php
nexus.ensighten.com/deseretdigital/ksl-com/ 		194 B
526 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/deseretdigital/ksl-com/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/deseretdigital/ksl-com/code/&publishedOn=Thu%20Nov%2009%2021:32:36%20GMT%202023&ClientID=2719&PageID=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:d800:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
893224fd54693b28f808fe5434aeed803b81f08ad3b9b02a190a4518d3b0b6a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:46 GMT
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
no-cache, no-store
alt-svc
h3=":443"; ma=86400
content-length
194
x-amz-cf-id
Jcjk195GfiOyEeqLyyY4eEsu_zePr6YCwMClNxr0hThrA9THqhkxLQ==
expires
Fri, 10 Nov 2023 16:32:45 GMT
sprite.svgz
static.ksl.com/ksl-svg-sprite/ 		458 KB
161 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/ksl-svg-sprite/sprite.svgz
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
f05eea43f37a4cea565f3f22c3a16a0c39ce8673a373ed7d3c14ab469c23a974
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:29:32 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
194
x-cache
img02 Hit from varnish
content-length
164142
last-modified
Fri, 13 Oct 2023 14:32:23 GMT
server
Apache
etag
"2812e-60799ecb5ebc0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-varnish
492839896 490758761
cache-control
max-age=300
x-server
v36
accept-ranges
bytes
expires
Fri, 10 Nov 2023 16:34:32 GMT
28975546.png
img.ksl.com/slc/2897/289755/ 		572 B
854 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2897/289755/28975546.png
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
70f9faa8791e1eca1aca0920a81c75bdef3cd8d90e5c229529622031bb1f16cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:43:37 GMT
x-amz-version-id
gMmWPw1XCYxvELeldFIgGlBNUPZM2ezx
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
M5C8K27MJHA52YX2
age
845349
x-amz-server-side-encryption
AES256
x-cache
img02 Hit from varnish
x-amz-replication-status
COMPLETED
content-length
572
x-amz-id-2
pwQhGqEsMAHejIW6qrsu4ifiulcMLh6rAafkBMAWTqv4sWXpAqbtfeXVmJ9Z63gm3eVOUy4Nvm8=
last-modified
Thu, 13 Oct 2022 05:04:38 GMT
server
AmazonS3
etag
"f29a09cb308c045842e407cadddbb5f2"
content-type
image/png
access-control-allow-origin
*
x-varnish
452089854, 492774241 32776
cache-control
max-age=2592000
accept-ranges
bytes
28818089.png
img.ksl.com/slc/2881/288180/ 		721 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2881/288180/28818089.png
Requested by
Host: d3njgrq4uvb497.cloudfront.net
URL: https://d3njgrq4uvb497.cloudfront.net/styles--ksl-f14a.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
dc2b6002b3518b4b196486f9f3e91e2b27b73df5c54d8418e0d442b6a8196c74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d3njgrq4uvb497.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:30:12 GMT
x-amz-version-id
icJqxYHE4IDLMONrkAWzZ_.nhS3rrsNe
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
Z3VAABPQJTBV4FNC
age
846155
x-cache
img01 Hit from varnish
x-amz-replication-status
COMPLETED
content-length
721
x-amz-id-2
OP4vvZ7dOX4DG84LdRiKCKBsLFFStJ+AZhLylMKJNUMkyuAjbr1oZIClddUlH9cFnLtE9/TkkJQ=
last-modified
Tue, 21 Jun 2022 23:18:42 GMT
server
AmazonS3
etag
"0e908cc4cf238de319eaa1e6f85989f9"
content-type
image/png
access-control-allow-origin
*
x-varnish
453904801, 487654395 39
cache-control
max-age=2592000
accept-ranges
bytes
nunito-sans-v5-latin-600.woff2
static.ksl.com/fonts/nunito-sans/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/fonts/nunito-sans/nunito-sans-v5-latin-600.woff2
Requested by
Host: static.ksl.com
URL: https://static.ksl.com/ksl-responsive-header/ksl-header.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
d18c05b903e42fe072a80fb16a7aae87c94e506237fce86f68ad8241fa70f759
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://static.ksl.com/ksl-responsive-header/ksl-header.css
Origin
https://www.ksl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:43 GMT
via
1.1 varnish (Varnish/6.1)
last-modified
Mon, 06 Apr 2020 21:54:59 GMT
server
Apache
age
3
etag
"4204-5a2a6517d72c0"
x-frame-options
SAMEORIGIN
x-cache
img01 Hit from varnish
x-varnish
485453803 486843913
access-control-allow-origin
*
cache-control
max-age=300
x-server
v48
accept-ranges
bytes
content-length
16900
expires
Fri, 10 Nov 2023 16:37:43 GMT
nunito-sans-v5-latin-regular.woff2
static.ksl.com/fonts/nunito-sans/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/fonts/nunito-sans/nunito-sans-v5-latin-regular.woff2
Requested by
Host: static.ksl.com
URL: https://static.ksl.com/ksl-responsive-header/ksl-header.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
6b6bdb341440c662d46a4fe200f47772ede3040d2ce52ecfcab8f017f4fa2738
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://static.ksl.com/ksl-responsive-header/ksl-header.css
Origin
https://www.ksl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:30:35 GMT
via
1.1 varnish (Varnish/6.1)
last-modified
Mon, 06 Apr 2020 21:54:59 GMT
server
Apache
age
131
etag
"4218-5a2a6517d72c0"
x-frame-options
SAMEORIGIN
x-cache
img01 Hit from varnish
x-varnish
487330324 487588314
access-control-allow-origin
*
cache-control
max-age=300
x-server
v34
accept-ranges
bytes
content-length
16920
expires
Fri, 10 Nov 2023 16:35:35 GMT
nunito-sans-v5-latin-700.woff2
static.ksl.com/fonts/nunito-sans/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/fonts/nunito-sans/nunito-sans-v5-latin-700.woff2
Requested by
Host: static.ksl.com
URL: https://static.ksl.com/ksl-responsive-header/ksl-header.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
90767fabd53fe6949c8e19f3ab9d3da69cfc52c7bbfafe42739ed14c2e837920
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://static.ksl.com/ksl-responsive-header/ksl-header.css
Origin
https://www.ksl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:29:50 GMT
via
1.1 varnish (Varnish/6.1)
last-modified
Mon, 06 Apr 2020 21:54:59 GMT
server
Apache
age
177
etag
"4270-5a2a6517d72c0"
x-frame-options
SAMEORIGIN
x-cache
img02 Hit from varnish
x-varnish
490861740 490795919
access-control-allow-origin
*
cache-control
max-age=300
x-server
v36
accept-ranges
bytes
content-length
17008
expires
Fri, 10 Nov 2023 16:34:50 GMT
nunito-sans-v5-latin-300.woff2
static.ksl.com/fonts/nunito-sans/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/fonts/nunito-sans/nunito-sans-v5-latin-300.woff2
Requested by
Host: static.ksl.com
URL: https://static.ksl.com/ksl-responsive-header/ksl-header.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
dd0d7b0bd9b543ac1655f000d5db598194d9a6c0c79815600b59ee49a81e8c62
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://static.ksl.com/ksl-responsive-header/ksl-header.css
Origin
https://www.ksl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:28:05 GMT
via
1.1 varnish (Varnish/6.1)
last-modified
Mon, 06 Apr 2020 21:54:59 GMT
server
Apache
age
282
etag
"410c-5a2a6517d72c0"
x-frame-options
SAMEORIGIN
x-cache
img00 Hit from varnish
x-varnish
487390808 477753520
access-control-allow-origin
*
cache-control
max-age=300
x-server
v45
accept-ranges
bytes
content-length
16652
expires
Fri, 10 Nov 2023 16:33:05 GMT
29557552.jpeg
img.ksl.com/slc/2955/295575/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2955/295575/29557552.jpeg?filter=kslv2/responsive_story_lg
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
fcbdca1adae6ce01084424e06884af87e58f8371b07d52d6f630763cdfa21804

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 06:34:08 GMT
x-amz-version-id
RdviKTrVhqC4jCftt_BTpF1BTMjuSbyU
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
K64GD77HDJXSEEGA
age
35918
x-amz-server-side-encryption
AES256
x-cache
img01 Miss from varnish
x-amz-replication-status
COMPLETED
content-length
79678
x-amz-id-2
puDf7H42WVMeC2RNPuSDApUVqVQaO7ghw0vcg/8yaalpRSLXMsCGa0oXGuWh/GvjTUvSsjbmi5o=
last-modified
Sun, 05 Nov 2023 18:16:14 GMT
server
AmazonS3
etag
"03f3b8e607f299e0344b7bdeda029295"
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
715927346 709961093, 486030948
cache-control
max-age=604800
accept-ranges
bytes
28701911.jpeg
img.ksl.com/slc/2870/287019/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2870/287019/28701911.jpeg?filter=kslv2/responsive_200
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
e60f1ef90da1acd99cb4b26ae6b1e07225fba3d280b26b1d05021a2cc59f66ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 21:24:08 GMT
x-amz-version-id
5sPruNMFuSfbOo3O0KHPS_Js5cXGI_xu
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
2GSPNVY1A7VZT5DV
age
241719
x-amz-server-side-encryption
AES256
x-cache
img00 Hit from varnish
x-amz-replication-status
COMPLETED
content-length
4965
x-amz-id-2
1mWo33+0FZZ9pluxBem+rq36rvMCXFzmxVTVsjG1Lr3cm4VwlRubwuK6XkBfi4umLKRhtC3w9SA=
last-modified
Thu, 14 Sep 2023 03:21:25 GMT
server
AmazonS3
etag
"3c99241b7faf1cfdfbf3a3cc60c4787a"
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
635338956, 488785107 296867134
cache-control
max-age=604800
accept-ranges
bytes
video-js.min.css
d3njgrq4uvb497.cloudfront.net/videojs/ 		40 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/videojs/video-js.min.css
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.78.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-78-146.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01df456b85acb77a180ad7d890f265ea448289bdae9a4b54c58d919b4d484c2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 01:05:56 GMT
content-encoding
gzip
via
1.1 218c6128df18321f9758e53ccc351448.cloudfront.net (CloudFront)
last-modified
Fri, 01 Jul 2022 17:16:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
55611
etag
W/"61258f13580ad009b643f05009d9522d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
ahgFpRHGdlqj5t9oH5TImCqlvK_URm-tSQ1jognE3npn5Jz6AQINtw==
29546158.jpg
img.ksl.com/slc/2954/295461/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2954/295461/29546158.jpg?filter=kslv2/responsive_toppicks
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
7067d2a92ce109d6e46b479b03432b7fdc7894777d0d3eb0057d6535c8b4754c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:22:14 GMT
x-amz-version-id
nnDeq3a_afjjIEK01uTr40DPttnP.4gK
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
6D9101T4H5FE8MSZ
age
632
x-amz-server-side-encryption
AES256
x-cache
img02 Hit from varnish
x-amz-replication-status
COMPLETED
content-length
33495
x-amz-id-2
H6KvwatdHuX7lDHKqAp9TcfJ7EGZIXPL8F5E+B+MkEzumE05iTPCipv969k1iOnzPoLNQT1rHYM=
last-modified
Sun, 05 Nov 2023 16:21:00 GMT
server
AmazonS3
etag
"cdabbc0b7c6acdf03287f304ddd3ec7a"
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
715386455 719444501, 492774242 490663852
cache-control
max-age=604800
accept-ranges
bytes
29532045.jpg
img.ksl.com/slc/2953/295320/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2953/295320/29532045.jpg?filter=kslv2/responsive_toppicks
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
ecb12b46998ce3fbaec5aec913657f56420683573c70a0e370410898e06c4956

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 13:46:41 GMT
x-amz-version-id
CGdCCCCiKwzMxX25tDjbs2IWy8Iu_cnu
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
FC7MQDY4FGQAJVYJ
age
9965
x-amz-server-side-encryption
AES256
x-cache
img00 Hit from varnish
x-amz-replication-status
COMPLETED
content-length
28262
x-amz-id-2
hQbYxNy09hGPytzORfua89zDQDZ9En+98g6yQYLe3LkYuAlksPAuUuXIfAEEdkbI7E1dBIT72m4=
last-modified
Sun, 22 Oct 2023 03:31:37 GMT
server
AmazonS3
etag
"466d87bfe85ba7e057f6356d866d3684"
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
716187373 708112536, 488785108 488559664
cache-control
max-age=604800
accept-ranges
bytes
29506757.jpeg
img.ksl.com/slc/2950/295067/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2950/295067/29506757.jpeg?filter=kslv2/responsive_toppicks
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
8c0ff445c8bdce036c164f67136edc2bb08462ffa4186d3c38b7d9e5633ba293

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 15:23:27 GMT
x-amz-version-id
kx3_8jpO5FbV2KkG2dn0nA491msG.TVm
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
F59CDYKF35GTR94R
age
4160
x-amz-server-side-encryption
AES256
x-cache
img01 Miss from varnish
x-amz-replication-status
COMPLETED
content-length
18610
x-amz-id-2
zKC+Xgp1gyLLKwlr8tASrI7aEQYN+0gSYi8B9iPHq3pcFesnH1/99gCVcqrL6S6ISupDEhT9CUk=
last-modified
Fri, 06 Oct 2023 01:34:32 GMT
server
AmazonS3
etag
"41e1a49071ae43236347c08370c869a2"
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
719408699 718169222, 485054949
cache-control
max-age=604800
accept-ranges
bytes
29083691.png
img.ksl.com/slc/2908/290836/ 		172 KB
173 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2908/290836/29083691.png
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
8962cda663958c916414d04ee15873722d4d0604001d8bdf4f4e7460a37dfe73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:30:14 GMT
x-amz-version-id
zB5.tr4erNxSTXiYdMfYJtGVA81FmDYG
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
WSH7NVNQS9JB2K6T
age
846153
x-amz-server-side-encryption
AES256
x-cache
img02 Hit from varnish
x-amz-replication-status
COMPLETED
content-length
176229
x-amz-id-2
qHlCA1epOt6uGIGqAF07lxzkwoSEelr7sv9TF9WNs8OzczTi7auvw0k6weKt2ItzBbslDHahEfM=
last-modified
Tue, 27 Dec 2022 16:17:01 GMT
server
AmazonS3
etag
"97afc5df1893f00e6eafe362577c0bf4"
content-type
image/png
access-control-allow-origin
*
x-varnish
449938855 446791115, 492677220 131075
cache-control
max-age=2592000
accept-ranges
bytes
25487033.jpg
img.ksl.com/slc/2548/254870/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2548/254870/25487033.jpg?filter=kslv2/responsive_top_sm
Requested by
Host: d3njgrq4uvb497.cloudfront.net
URL: https://d3njgrq4uvb497.cloudfront.net/styles--ksl-f14a.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
006b8f60f30ed5210c6d4cc52dd703f0d62124d5ace9a5a45fede025465a2fbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d3njgrq4uvb497.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 21:58:32 GMT
x-amz-version-id
b1_PT374vquHDe04Csq_76JcQW1BFuVn
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
NPZ847H8QFV5ERX1
age
66855
x-amz-server-side-encryption
AES256
x-cache
img01 Hit from varnish
x-amz-replication-status
COMPLETED
content-length
4869
x-amz-id-2
g80IwGVeHcmyxxPA4in9L/+kahYmL9i18xz3o8KT4gPfs7dWScHkuaODyDTJHmY4k89tucCWcyg=
last-modified
Thu, 02 Nov 2023 21:58:30 GMT
server
AmazonS3
etag
"1e762976631565a6187b5f17402e6d30"
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
696783148, 486843960 454967929
cache-control
max-age=604800
accept-ranges
bytes
29084669.png
img.ksl.com/slc/2908/290846/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ksl.com/slc/2908/290846/29084669.png
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
AmazonS3 /
Resource Hash
7e5732c22bd4d4f04611ace5230fc4409f3c4ce9f73801781da68d680d295eb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:23:51 GMT
x-amz-version-id
RjutE7IUMXcP1IN6JU7Su0qIDiEcMO0z
via
1.1 varnish (Varnish/6.1), 1.1 varnish (Varnish/6.1)
x-amz-request-id
YSDEXXCSMCV653NV
age
846536
x-amz-server-side-encryption
AES256
x-cache
img00 Hit from varnish
x-amz-replication-status
COMPLETED
content-length
80487
x-amz-id-2
x3BLnN3WJjvb7cy3EpDNi+FZT2A65wQQ1KiAXksoTTc7HgNmRGK35qiaYaBHx3BJreuu2nuNoWk=
last-modified
Wed, 28 Dec 2022 12:14:28 GMT
server
AmazonS3
etag
"9227fd02062f00c3177d9af42e536b11"
content-type
image/png
access-control-allow-origin
*
x-varnish
449511907, 490281041 753687
cache-control
max-age=2592000
accept-ranges
bytes
3dad.ttf
d3njgrq4uvb497.cloudfront.net/ 		5 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/3dad.ttf
Requested by
Host: d3njgrq4uvb497.cloudfront.net
URL: https://d3njgrq4uvb497.cloudfront.net/styles--ksl-f14a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.78.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-78-146.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d4e8a4a129dc222b0d21ebb4b79e0cb267e5489d62108c6dccb38d8f31865c1c

Request headers

Referer
https://d3njgrq4uvb497.cloudfront.net/styles--ksl-f14a.css
Origin
https://www.ksl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 20:53:34 GMT
content-encoding
gzip
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1453153
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 12 Oct 2023 14:12:40 GMT
server
AmazonS3
etag
W/"3dad997bdab84822282f55f9c326f422"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/font-sfnt
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000
x-amz-cf-id
2NttyIqXnfJ2cgzYDgqWw9gV66oCZw719WgcTZViOQIbTWl8Uj6dXQ==
videojs-contrib-ads.css
d3njgrq4uvb497.cloudfront.net/videojs/ 		917 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/videojs/videojs-contrib-ads.css
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.78.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-78-146.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
839e7c6761776f0e1c251d29d443dd8e29c6d3beefeeb8925c58a74ba784bd30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 01:19:06 GMT
via
1.1 218c6128df18321f9758e53ccc351448.cloudfront.net (CloudFront)
last-modified
Fri, 01 Jul 2022 17:18:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
54821
etag
"624ba37a147ffd05f3831a0c60d7666c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
917
x-amz-cf-id
tDvMifl9Jj_gIHUu3uTsv8QF2xE5ecIVtfP5GZd88A4JdFjllGGOjQ==
videojs.ima.css
d3njgrq4uvb497.cloudfront.net/videojs/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/videojs/videojs.ima.css
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.78.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-78-146.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 15:34:52 GMT
content-encoding
gzip
via
1.1 218c6128df18321f9758e53ccc351448.cloudfront.net (CloudFront)
last-modified
Fri, 01 Jul 2022 17:16:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
10209
etag
W/"faad6d610a7700f489432ee9abfaf760"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
rHNuNkO2DJCGlmCaX0RYoQNkizhxoKSkZ0qrJ0ZtXtzvW7-Lkqw-zw==
videojs-share.css
d3njgrq4uvb497.cloudfront.net/videojs/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/videojs/videojs-share.css
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.78.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-78-146.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
afed9a0ab525a556166288e945e61b4e4adb9de9c074d8185f86b8f5f5fda311

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 04:56:05 GMT
content-encoding
gzip
via
1.1 218c6128df18321f9758e53ccc351448.cloudfront.net (CloudFront)
last-modified
Tue, 02 Aug 2022 22:33:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
41803
etag
W/"be1a982b20ecda84c022f2730dc00db6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
3cyaWJPfsa4hxr0iH5YmvCONXqvA-Zxa3gLWEALyZLjhphPM4PCaRA==
video.min.js
d3njgrq4uvb497.cloudfront.net/videojs/ 		568 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/videojs/video.min.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.78.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-78-146.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e65aecb8a21b66d9aeeea4d926d72d0f1023ca305327859bb69117e813468fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 02:21:41 GMT
content-encoding
gzip
via
1.1 218c6128df18321f9758e53ccc351448.cloudfront.net (CloudFront)
last-modified
Fri, 01 Jul 2022 17:16:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
51067
etag
W/"929b380ce08bc33ab90d3cb84bda8476"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Mi24s2gIymb4WmvJ-uwgM5tlgRY--kqtr1hjyjy-PWha7DsxKXLwIg==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		363 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8ed9456b74c249bdb7a50d95659d7f1cfeec6014d19c253680509cba050f599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127386
x-xss-protection
0
expires
Fri, 10 Nov 2023 16:32:47 GMT
videojs-contrib-ads.js
d3njgrq4uvb497.cloudfront.net/videojs/ 		67 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/videojs/videojs-contrib-ads.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.78.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-78-146.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ebe4963ca08a041fcbb87a4232bf58b1ae55c3b5623a3a2d9d79491bb46c674

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 01:03:38 GMT
content-encoding
gzip
via
1.1 218c6128df18321f9758e53ccc351448.cloudfront.net (CloudFront)
last-modified
Fri, 01 Jul 2022 17:18:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
55750
etag
W/"8907ec0b8999349b1ee9aa3cdfe6344e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
97d3_uGABxgChUN8hzHXNHvgH3Q5JpHrH_uSIWrypielHWy15JP3BQ==
videojs.ima.min.js
d3njgrq4uvb497.cloudfront.net/videojs/ 		35 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/videojs/videojs.ima.min.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.78.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-78-146.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
33cc0a21c1ca8eab50680298fedb8440589988e511a82348b00290bb111a4c8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 07:16:20 GMT
content-encoding
gzip
via
1.1 218c6128df18321f9758e53ccc351448.cloudfront.net (CloudFront)
last-modified
Fri, 01 Jul 2022 17:16:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
33388
etag
W/"ec23ab961163dde45026fe11f7852efb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
F-aK-7EWXfXb9QKui3uuABfiQ6XH-SgtxF_gEkNEEisVDMPoaIlgJQ==
videojs-share.min.js
d3njgrq4uvb497.cloudfront.net/videojs/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/videojs/videojs-share.min.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.78.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-78-146.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4926c7670bd5a97ba531632202ff2adb8e8c81ae1dc49b35a7699a478c559b77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:46:49 GMT
content-encoding
gzip
via
1.1 218c6128df18321f9758e53ccc351448.cloudfront.net (CloudFront)
last-modified
Tue, 02 Aug 2022 22:33:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
71159
etag
W/"518c1fc506a1ebc06dd1aec02b41d277"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
DLnIwmPplx1hdAZQGmPyKU3QRcTCvHMU5DeMCyjvI8TFMGetUh4-_A==
weather-300x168.jpg
media.ksl.com/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.ksl.com/weather-300x168.jpg
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
64.147.128.167 Salt Lake City, United States, ASN11319 (DDMINC, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27623f523168b7b4648e3bebc9ede4c571aa76a596a2c1e54ff74227631a451c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Fri, 10 Nov 2023 16:31:14 GMT
x-amz-version-id
.c7Gn7fHOKMu2UEniwlLUP9dOsLbWtLn
Via
1.1 varnish (Varnish/6.2)
x-amz-request-id
FPVJ621D9W35MF0Q
x-amz-server-side-encryption
AES256
X-Cache
Hit from varnish
Connection
keep-alive
Content-Length
9424
x-amz-id-2
gbQTz+zrhwMZRjUGrkwdAeFf65S4DBcbX1HLfJQr1EBp49+zMEx5DwvAvMDRuIZAMCj16KpchwQ=
Last-Modified
Fri, 10 Nov 2023 13:16:25 GMT
Server
AmazonS3
ETag
"0e6db37fd993e2522a9ea6908d798300-1"
Content-Type
image/jpeg
access-control-allow-origin
*
X-Varnish
111395729 114441686
Accept-Ranges
bytes
autoplay_icon.svg
static.ksl.com/images/ 		653 B
560 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ksl.com/images/autoplay_icon.svg
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
d0cc949db47eadda0e59235f19200cbbabebfa345bb06430bb69f0c159c80421
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:30:15 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
846151
x-cache
img01 Hit from varnish
content-length
369
last-modified
Fri, 08 May 2015 20:22:40 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
x-varnish
486226345 819252
cache-control
s-maxage=31536000, max-age=31536000
x-server
v45
accept-ranges
bytes
expires
Tue, 31 Oct 2023 21:35:15 GMT
51d664bc63e53f2a4398cf2601a38704.svg
static.ksl.com/beta/node_modules/ksl-responsive-header/dist/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ksl.com/beta/node_modules/ksl-responsive-header/dist/51d664bc63e53f2a4398cf2601a38704.svg
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
21cd559db3c100842a8ef209f2579e691ee47e2d1469ebeaaaac7cbd439509ab
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:31:48 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
59
x-cache
img01 Hit from varnish
content-length
1333
last-modified
Mon, 20 Apr 2020 23:44:49 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-varnish
486322223 483289841
cache-control
max-age=300, no-transform
x-server
v50
accept-ranges
bytes
expires
Fri, 10 Nov 2023 16:36:48 GMT
gtm.js
www.googletagmanager.com/ 		255 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TVLZ5Z&l=kslDataLayer
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1227da09c3a664c98b43c83bbe1e0499fae7ce9446f7174c066713fcd1bf27ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84020
x-xss-protection
0
last-modified
Fri, 10 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 10 Nov 2023 16:32:47 GMT
react.production.min.js
static.ksl.com/javascript/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/javascript/react.production.min.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
ed51c6c44f063fffd3fef1042b859a00d4cbdcee5dbc742c758f7a275ff85f58
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 21:43:40 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
240547
x-cache
img02 Hit from varnish
content-length
5003
last-modified
Fri, 01 Nov 2019 02:01:34 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-varnish
490694634 299156783
cache-control
s-maxage=604800, max-age=604800
x-server
v33
accept-ranges
bytes
expires
Tue, 07 Nov 2023 21:48:40 GMT
react-dom.production.min.js
static.ksl.com/javascript/ 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/javascript/react-dom.production.min.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
db2ee7a386958f6e858c181063d50b9bd3dfe79f9318bc1550d15482a5e49350
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 21:43:40 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
240547
x-cache
img02 Hit from varnish
content-length
38768
last-modified
Fri, 01 Nov 2019 02:01:34 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-varnish
490569110 298218704
cache-control
s-maxage=604800, max-age=604800
x-server
v33
accept-ranges
bytes
expires
Tue, 07 Nov 2023 21:48:40 GMT
5b4de110-bc3f-40aa-8751-c3176bbf87d5.js
cdn.mouseflow.com/projects/ 		65 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mouseflow.com/projects/5b4de110-bc3f-40aa-8751-c3176bbf87d5.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90f1ad6425e69110b0e04f84fe9d7a2cbf28ce81436357ac9253b8e091e516ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
138606
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
x-mf-script-region
EU
last-modified
Fri, 20 Oct 2023 08:13:52 GMT
server
cloudflare
etag
W/"1a8a935c2d3da1:0"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
823fb18b98e23721-FRA
expires
Sat, 11 Nov 2023 16:32:47 GMT
/
js.stripe.com/v3/ 		552 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
1f9ce9bba1087c7035610f63b9ed2e1308083f7da024eba91fc27e2febae8d2d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 10 Nov 2023 16:32:47 GMT
via
1.1 varnish
age
15
x-cache
HIT
content-length
156392
x-request-id
75efda00-c3f0-4da3-9e5f-b1bd1f663908
x-served-by
cache-fra-eddf8230118-FRA
last-modified
Fri, 10 Nov 2023 02:33:15 GMT
server
Fastly
etag
"7eb7b601e10fe7c2332fd558ee162600"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
7
dm.js
tag.durationmedia.net/sites/11159/ 		125 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.durationmedia.net/sites/11159/dm.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:5a00:10:ce97:9fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8bde715c88d28cf0fcf7fdd31aedf903acf6acab04cc1602572138cdf93e2765

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
KuBfegLwXuDLrJ5AX2iQ_4c.3foVrRGY
content-encoding
gzip
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
date
Fri, 10 Nov 2023 16:32:48 GMT
x-amz-cf-pop
FRA56-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
35094
last-modified
Wed, 01 Nov 2023 21:09:45 GMT
server
AmazonS3
etag
"16f9e5c0179791197466d3aedd22bde8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=900
accept-ranges
bytes
x-amz-cf-id
yZQAUpuFgQsHw-K_lOkvXMsCuV52iFU7voqm6CAWNeBpUbwONlYuSw==
ads.js
prebidads.revcatch.com/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prebidads.revcatch.com/ads.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW02
Resource Hash
7815473f068f708bcde391e444f1e2d3f19d1ead1174a2281a8833648356b80d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Fri, 08 Dec 2023 09:27:11 GMT
date
Fri, 10 Nov 2023 16:32:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 15:54:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
198336
x-powered-by
RCW02
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjs4sj8DfC6kKhMOgy7MOPwnkCWmC3T9uO%2FofFH56HDZMfX6lV26%2BxwFzRRuMbNTLQlffbIaOz9r7CH%2B77X6I8Xt1RdVtpBGBEUgbv%2BUui1SPtNHJ87Qyj2PVOcUpnA6xg%2BaFIXikevn4uV0seC0aq1DIHgo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
823fb18b7c763678-FRA
x-served-by
web02
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 10 Nov 2023 15:51:30 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2478
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 10 Nov 2023 17:51:30 GMT
tracker.js
static.rubyblu.com/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.rubyblu.com/tracker.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.32.235 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
235.32.211.130.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
ac27954be52ff386d5de5c6cbafef7ded65ea9106583a584b308f325c039bbff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 15:51:12 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 25 Oct 2023 17:10:57 GMT
server
nginx/1.18.0
age
2495
etag
W/"65394c21-5a66"
content-type
application/javascript
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8348
expires
Fri, 10 Nov 2023 16:51:12 GMT
destination
www.googletagmanager.com/gtag/ 		236 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-JW89DL7T5D&l=kslDataLayer&cx=c
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
15e7189c4a38384e935d2063c00d0a5c39ac818e1b059a681f1bfd837e8132c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84045
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 10 Nov 2023 16:32:47 GMT
app--ksl-2f65.js
d3njgrq4uvb497.cloudfront.net/ 		271 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/app--ksl-2f65.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.78.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-78-146.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e50b53bc2ebce1daa659234636eeb0757bdc9f4968a96aa0654d1ca05c39427

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:27:28 GMT
content-encoding
gzip
via
1.1 218c6128df18321f9758e53ccc351448.cloudfront.net (CloudFront)
last-modified
Tue, 07 Nov 2023 18:09:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
248720
etag
W/"2bfacc750fda3e95e2d1c4509bb2873d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, s-maxage=31536000, max-age=31536000
x-amz-cf-id
DzQWEgVyBzd2Bdv_AbuGl_E-Op9SFn5DRjFPsMYYcUYhdrRkZivVsA==
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 		0
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=0&c=2719&i=7ezkt7&p=ksl-com&s=328&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjI3MTksInB1Ymxpc2hQYXRoIjoia3NsLWNvbSIsImluc3RhbmNlSWQiOiI3ZXprdDciLCJwYWNrZXQiOjAsIm1vZGUiOiJlbmZvcmNlWgDyKG9va2llcyI6e30sImVudmlyb25tZW50IjoiVVMtRU4iLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS0APAZIiwidHlwZSI6ImJpbGxpbmciLCJzdGFydCI6MTY5OTYzMzk2Nzg5NFsAwGQiOi0xLCJzb3VyYzIAAisAYXR1cyI6ImYAQGFzb25lANRdLCJkYXRhUGF0dGVyEgDCbGlzdCI6W10sImlkXQDANjMzOTY3ODk0fV19
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:47 GMT
cache-control
no-cache, no-store
server
nginx
expires
Fri, 10 Nov 2023 16:32:46 GMT
ksl-header.js
static.ksl.com/ksl-responsive-header/ 		136 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/ksl-responsive-header/ksl-header.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
29498a65a2e753cbb2a458eb007ea1604501f4fcbc624f348498641ad6688c69
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:20:06 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
761
x-cache
img02 Hit from varnish
content-length
39426
last-modified
Thu, 09 Nov 2023 17:19:17 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-varnish
492254786 492930335
cache-control
s-maxage=3600, max-age=3600
x-server
v41
accept-ranges
bytes
expires
Fri, 10 Nov 2023 16:25:06 GMT
e2cbc300a657f96fd81e3fa01c2a4e88-Comments.min.js
d3njgrq4uvb497.cloudfront.net/react/ 		464 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3njgrq4uvb497.cloudfront.net/react/e2cbc300a657f96fd81e3fa01c2a4e88-Comments.min.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.78.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-78-146.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66b6068dbe1948f57441d09c9844769b99e7881997b5fe3255e0a694cb89b849

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 16:47:53 GMT
content-encoding
gzip
via
1.1 218c6128df18321f9758e53ccc351448.cloudfront.net (CloudFront)
last-modified
Tue, 07 Mar 2023 20:52:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
2936695
etag
W/"e2cbc300a657f96fd81e3fa01c2a4e88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, s-maxage=31536000, max-age=31536000
x-amz-cf-id
swlO4oxCvqBakbf-6pnCmyt4se8BOzwMiBUFU3Wuv_S9bGFmHAB_SA==
gpt.js
www.googletagservices.com/tag/js/ 		103 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e0990fe603256382ac73a946f35457323051295c613f73dab9a0046d4b4829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31803
x-xss-protection
0
server
cafe
etag
514 / 19671 / 31079531 / config-hash: 4779486941103162602
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:48 GMT
op.js
tagan.adlightning.com/deseretdigital/ 		62 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/op.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84f449d9e5c4ff3c01c47eb2d8cf89232ef09239df157fb77ea94bef14544da3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
bKQqHvHevPIyCjMpPFeMuSGNA8P.bL5f
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
date
Fri, 10 Nov 2023 15:41:59 GMT
x-amz-cf-pop
FRA60-P4
age
3087
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
26305
x-amz-meta-git_commit
e09f10f
last-modified
Thu, 09 Nov 2023 15:01:23 GMT
server
AmazonS3
etag
"1ddbc2d513e4e841b220865a93bf7492"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
m0oyNPSP0FxeByIhlx6Dirb3oQd0B2LD3FZlS6kFSVk0q8ad_6q08w==
active
www.ksl.com/api/2017/member/ 		49 B
433 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ksl.com/api/2017/member/active
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.201 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
ksl.com
Software
Apache /
Resource Hash
f49b521799308f8cf36318142dbab92925dcae0ca9e2e35050f7d7635ce6c4b0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Fri, 10 Nov 2023 16:32:48 GMT
Strict-Transport-Security
max-age=2592000;
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/json
Cache-Control
max-age=0, must-revalidate, private
X-Server
b04
Connection
Keep-Alive
Keep-Alive
timeout=1, max=100
Content-Length
49
Expires
Fri, 10 Nov 2023 16:32:48 GMT
comments
www.ksl.com/api/2017/member/reauth/ 		15 B
399 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ksl.com/api/2017/member/reauth/comments
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.201 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
ksl.com
Software
Apache /
Resource Hash
e8d480780dad17fd64ac42eee77b9a8e485f2d81cc3dc232e2520a0e8058bffb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Fri, 10 Nov 2023 16:32:48 GMT
Strict-Transport-Security
max-age=2592000;
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/json
Cache-Control
max-age=0, must-revalidate, private
X-Server
b12
Connection
Keep-Alive
Keep-Alive
timeout=1, max=100
Content-Length
15
Expires
Fri, 10 Nov 2023 16:32:48 GMT
50775684
www.ksl.com/api/2017/comments/meta/ 		55 B
439 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ksl.com/api/2017/comments/meta/50775684
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.201 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
ksl.com
Software
Apache /
Resource Hash
3ffbda7a25b818a4e95e022f616637705bdfe41cc40b5ee8bfc0ca59d3aa55fe
Security Headers
Name Value
Strict-Transport-Security max-age=2592000;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Fri, 10 Nov 2023 16:32:48 GMT
Strict-Transport-Security
max-age=2592000;
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/json
Cache-Control
max-age=0, must-revalidate, private
X-Server
b13
Connection
Keep-Alive
Keep-Alive
timeout=1, max=100
Content-Length
55
Expires
Fri, 10 Nov 2023 16:32:48 GMT
catch_rp.js
app.protectsubrev.com/ 		399 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.protectsubrev.com/catch_rp.js?cb=0.7418440089084204
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW03
Resource Hash
ceea414a8b5645c0c0c943ff4b298f8adfa2fb86b4db26fc398975b40fa9f7ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Thu, 30 Nov 2023 05:25:53 GMT
date
Fri, 10 Nov 2023 16:32:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Sep 2023 17:40:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
904015
x-powered-by
RCW03
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ImNQ7yKIH4bmB6R3IDYCCNIpNiFmq4jIXM1Y%2ByQ4oTOsB%2BojRD35Mkw8mgIhqermlCLt4biSoHEBglt%2Fa16BenZWhvVvVfqW1FviFNzF%2B4Qn5J%2FPDVovHzJYqXG7Bj3%2B3MJovlx0QbBvFK17Jc6CYP5O1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
823fb18cbfa65b8c-FRA
x-served-by
web03
scriptloaded
be.durationmedia.net/ 		61 B
663 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://be.durationmedia.net/scriptloaded?siteId=11159
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.164.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-164-211.compute-1.amazonaws.com
Software
/
Resource Hash
9903035e5b61b366e5709819a66349add4a4d132af460c00dc37babc30774ebb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Nov 2023 16:32:47 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options
DENY
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Expose-Headers
Authorization
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
61
X-XSS-Protection
1; mode=block
Expires
0
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 17:34:10 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
1119519
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ZeKH1OMElHPyAmCxj4bvJMI4nT86ZF6gCHwCwqT10QbZHNjM3NChKA==
bl-34df212-770f4526.js
tagan.adlightning.com/deseretdigital/ 		58 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/bl-34df212-770f4526.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74d01e8587e381b55e6f39a50fd9550b8d2418b2e90b82c407fb6ef2be46b251

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:37:40 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
hc.n5KcAgwbsAVYNvW8A7kk3FOE5y1yR
x-amz-cf-pop
FRA60-P4
age
89708
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24949
x-amz-meta-git_commit
34df212
last-modified
Thu, 09 Nov 2023 15:01:11 GMT
server
AmazonS3
etag
"f455cf8683b4657607012d3c5ed3cd81"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
oRU1EEDK2D0RKeeG45er2-g-JvpgPd1j9AwZNWW84El41px59ZwBsg==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/webp
deseret
match.prod.bidr.io/cookie-sync/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.hdn6ukvhgwn1
  • https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.hdn6ukvhgwn1&_bee_ppp=1
24 B
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.hdn6ukvhgwn1&_bee_ppp=1
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
HTTP/1.1
Server
52.214.229.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-229-130.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
73da3b369596f2ea8e701ec80155bf93c638eb66f1de5eac9a88f2eb8e565fd8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Fri, 10 Nov 2023 16:32:48 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
24
content-type
text/plain

Redirect headers

location
https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.hdn6ukvhgwn1&_bee_ppp=1
Date
Fri, 10 Nov 2023 16:32:48 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
collect
region1.analytics.google.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-JW89DL7T5D&gtm=45je3b81v891939916z871929427&_p=1699633967525&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=233581687.1699633968&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699633968&sct=1&seg=0&dl=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&dt=1.1M-pound%20historic%20steam%20train%20to%20return%20to%20Utah%20during%202024%20tour%20%7C%20KSL.com&en=page_view&_fv=1&_nsi=1&_ss=1&ep.DDM_Device_ID=eea1iml9x93n&ep.DDM_Session_ID=utxhg93zmbl1&ep.DDM_Hit_ID=ldq938c1dxdw&ep.KSL_Member_ID=&ep.Entity=KSL.com%20-%20News%2FContent&ep.Site_Section=News&ep.Site_Section_2=Features&ep.Site_Section_3=Historic&ep.Template=Article&epn.Content_ID=50775684&ep.Title=not%20specified&ep.Content_Source=internet_team&ep.Content_Team=original&ep.Content_Topic=transportation&ep.Author=Carter%20Williams%2C%20KSL.com&ep.Time_Posted=2023-11-05T11%3A40%3A30-07%3A00&epn.Word_Count=559&ep.Has_Video=false&up.DDM_Device_ID=eea1iml9x93n&up.KSL_Member_ID=&tfd=2891
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JW89DL7T5D&cid=233581687.1699633968&gtm=45je3b81v891939916z871929427&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JW89DL7T5D&cid=233581687.1699633968&gtm=45je3b81v891939916z871929427&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1511529652
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:05:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
1663
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 10 Nov 2023 17:05:05 GMT
gtm.js
www.googletagmanager.com/ 		225 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NKMQVGQ&l=headerDataLayer
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b2c9ad85f6e6ac92e9a82aff96ac34fe725a49124f170de25b93ea9fb446d01f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79433
x-xss-protection
0
last-modified
Fri, 10 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 10 Nov 2023 16:32:48 GMT
twilio-conversations.min.js
media.twiliocdn.com/sdk/js/conversations/releases/2.4.1/ 		531 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.twiliocdn.com/sdk/js/conversations/releases/2.4.1/twilio-conversations.min.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.59.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
190cb63e3f278f729de0d7b46d40a3a5752dc4a25445317a742767de3adce63a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:48 GMT
x-amz-version-id
uIxB4vX.HBZaLf_NTgz9oo.PETa6k9dX
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 29 Jun 2023 11:57:50 GMT
server
cloudflare
x-amz-request-id
83M34CEZX0QC9SMJ
etag
W/"f86b6506c4bd9dc218407cf4049e24a2"
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
823fb18eab1b68ec-FRA
x-amz-id-2
XPZZ8YZZUJjuTh/iBoq1ctHfhFrNUKltS73oxQekndbKL291ugRKmG6Ec8Y41oN30gQCwUPB9Kg=
expires
Thu, 31 Dec 2037 23:55:55 GMT
messages.js
static.ksl.com/m-ksl-messages-twilio-client/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ksl.com/m-ksl-messages-twilio-client/messages.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
683e2c114efa94a57f38b85a062310e415e566b7256ecc13587aadb288b06866
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:30:32 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
136
x-cache
img02 Hit from varnish
content-length
3255
last-modified
Mon, 28 Aug 2023 16:19:03 GMT
server
Apache
etag
"3695-603fe0d7aebc0-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-varnish
490367603 492545190
cache-control
max-age=300
x-server
v50
accept-ranges
bytes
expires
Fri, 10 Nov 2023 16:35:32 GMT
getHeaderWeather
news-api.ksl.com/v1/weather/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://news-api.ksl.com/v1/weather/getHeaderWeather
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.201 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
ksl.com
Software
Apache /
Resource Hash
a63b336b9725ebbd0408cabf21970e035be01938b3f1dd4c8844ee95a375b962

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Fri, 10 Nov 2023 16:32:48 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ksl.com
Cache-Control
no-cache, private
Access-Control-Allow-Credentials
true
X-Server
bapi14
Connection
Keep-Alive
Keep-Alive
timeout=1, max=100
Content-Length
815
active
www.ksl.com/api/2017/member/ 		49 B
432 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ksl.com/api/2017/member/active
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.201 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
ksl.com
Software
Apache /
Resource Hash
f49b521799308f8cf36318142dbab92925dcae0ca9e2e35050f7d7635ce6c4b0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Fri, 10 Nov 2023 16:32:48 GMT
Strict-Transport-Security
max-age=2592000;
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/json
Cache-Control
max-age=0, must-revalidate, private
X-Server
b12
Connection
Keep-Alive
Keep-Alive
timeout=1, max=99
Content-Length
49
Expires
Fri, 10 Nov 2023 16:32:48 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311070102/ 		427 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311070102/pubads_impl.js?cb=31079531
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3604b7c2c085e2b36490fd7683eb5ff4cff2f24b16f887b6052214d65c520af5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 18:16:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
80154
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137042
x-xss-protection
0
server
cafe
etag
11973539144579050444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 08 Nov 2024 18:16:54 GMT
catch.css
app.protectsubrev.com/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.protectsubrev.com/catch.css
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW03
Resource Hash
2ed33f483feeb949462d583e5560ce6871d81a0fee8a7baf7a59ba7fc5390c17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Thu, 30 Nov 2023 05:27:26 GMT
date
Fri, 10 Nov 2023 16:32:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Sep 2023 17:51:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
903922
x-powered-by
RCW03
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fcf%2B06Y1A%2FpdK3Hpe2NtjtKde1qbJC7eBXtWc84D0U1qI8VvSfbIGEpXQZ0FTb0RvJyIpk4GDGPKROkF%2FtSarnks%2BBGdcPwQNjTmFiP2sGBJKO%2Bq7ZtxJXRXJhYjkzJUrdXD%2FMIqs52dJF2nD%2BAvhfP8Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
823fb18eb9ac5b8c-FRA
x-served-by
web03
/
pages.protectsubrev.com/ 		28 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pages.protectsubrev.com/?new
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW03
Resource Hash
e30758bc1cb3650da38d2c31914e22afdb87203dc295e4cde6bf8f0c378b5116

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

expires
Sun, 12 Nov 2023 16:32:48 GMT
date
Fri, 10 Nov 2023 16:32:48 GMT
content-encoding
br
referrer-policy
origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
RCW03
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yfp2rTAWjOumWfpWt9QdZ%2FC9Ad4ab%2Fg2Bva0ReL6e47Q8q7wKD9ZjaFHJTC%2BpORoQLJB7PLgCYAQ9%2BF3%2BCeOsSmj23UmW4PlNHO%2FostNnfnRqZMdMDrGNvOxr2pJMeub0h%2F7UfCgYSIu9ubiYygC0WYMm9Hw"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
cf-ray
823fb18f1b019bdd-FRA
x-served-by
web03
truncated
/ 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f3a01e144ec2db45bb24f5ee5e9ed1da37760b01593395c01e4c1e4780b89ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
16020764746327031843
tpc.googlesyndication.com/simgad/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16020764746327031843
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2af6de0161679525ed17e3cab74b1f2ecbadbf3a3e83706d44549aa377daec16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 05:11:57 GMT
x-content-type-options
nosniff
age
559251
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1455
x-xss-protection
0
last-modified
Thu, 20 Sep 2018 16:19:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 03 Nov 2024 05:11:57 GMT
l
www.google.com/ads/measurement/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=efmk
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
openrtb
ex.ingage.tech/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.ksl.com
access-control-max-age
3600
cf-cache-status
DYNAMIC
cf-ray
823fb18f1cd44d74-FRA
content-length
0
date
Fri, 10 Nov 2023 16:32:48 GMT
server
cloudflare
vary
Origin, Access-Control-Request-Headers
translator
hbopenbid.pubmatic.com/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Fri, 10 Nov 2023 16:32:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
adreq
ads.servenobid.com/ 		756 B
727 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=6243
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
704c56de5940e5f336c443ea05d6520fe7dfbd0f288e2ff1973ff916cbff54dd

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 10 Nov 2023 16:32:48 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
deseret
deseret.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://deseret.technoratimedia.com/openrtb/bids/deseret?src=prebid_prebid_7.24.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:7130:bb0b:d7e:bee2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://www.ksl.com
access-control-max-age
86400
date
Fri, 10 Nov 2023 16:32:48 GMT
server
nginx
openrtb
ex.ingage.tech/v1/ 		2 KB
874 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2f4ecbd97fae46005728ce7e3ff840a68a4aac45253b21e726bfdb310e64bf1

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 10 Nov 2023 16:32:48 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ksl.com
access-control-allow-credentials
true
cf-ray
823fb18ffeaa9b74-FRA
deseret
deseret.technoratimedia.com/openrtb/bids/ 		0
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://deseret.technoratimedia.com/openrtb/bids/deseret?src=prebid_prebid_7.24.0
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:7130:bb0b:d7e:bee2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 10 Nov 2023 16:32:49 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
702783290
access-control-allow-origin
https://www.ksl.com
access-control-allow-credentials
true
jstag
ksl-d.openx.net/w/1.0/ 		168 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ksl-d.openx.net/w/1.0/jstag?nc=6686-KSL_News
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a0a0cda3caf266fa1240bc753fc52a68c29a1f6b40d19ded793605f1272ace94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/javascript
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58319
expires
Fri, 10 Nov 2023 17:32:48 GMT
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=40769377&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ul=en-us&de=UTF-8&dt=1.1M-pound%20historic%20steam%20train%20to%20return%20to%20Utah%20during%202024%20tour%20%7C%20KSL.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEAjAAAAACAEK~&jid=679155982&gjid=1916027597&cid=233581687.1699633968&tid=UA-72877204-2&_gid=1789319650.1699633968&_slc=1&gtm=45He3b81n71TVLZ5Zv71929427&cg1=News&cg2=Features&cg3=Historic&cd1=eea1iml9x93n&cd2=eea1iml9x93n&cd3=1699633967878.e66x3qq7&cd5=2023-11-10T17%3A32%3A47.878%2B01%3A00&cd6=1.0&cd7=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&cd8=&cd9=www.ksl.com&cd10=GTM-TVLZ5Z&cd11=61&cd12=0&cd13=News&cd14=Features&cd15=Historic&cd16=KSL.com%20-%20News%2FContent&cd17=Content&cd18=Carter%20Williams%2C%20KSL.com&cd20=50775684&cd23=2023-11-05T11%3A40%3A30-07%3A00&cd24=internet_team&cd25=original&cd26=Article&cd27=transportation&cd28=traditional&cd31=ldq938c1dxdw&cd33=not%20specified&cd41=0&cd43=559&cd47=0&cd49=2023-11-05T11%3A40%3A30-07%3A00&cd50=utxhg93zmbl1&cd51=utxhg93zmbl1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd4=233581687.1699633968&z=334461531
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-72877204-2&cid=233581687.1699633968&jid=679155982&gjid=1916027597&_gid=1789319650.1699633968&_u=aCDAgEAjAAAAAGAEK~&z=1100545847
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 10 Nov 2023 16:32:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
otSDKStub.js
cookie-cdn.cookiepro.com/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Nov 2023 16:32:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
R1P6TtSHAQZyvOSI/KawHw==
age
25719
x-ms-lease-status
unlocked
last-modified
Wed, 08 Nov 2023 19:23:12 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8238c14e-a01e-0024-32c8-12ceed000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
823fb1901cd4bbb9-FRA
expires
Sat, 11 Nov 2023 16:32:48 GMT
ga-audiences
www.google.com/ads/ 		42 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-72877204-2&cid=233581687.1699633968&jid=679155982&_u=aCDAgEAjAAAAAGAEK~&z=1850959803
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-72877204-2&cid=233581687.1699633968&jid=679155982&_u=aCDAgEAjAAAAAGAEK~&z=1850959803
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
42225788-6fb1-438d-91a0-0da32c771fe8.json
cookie-cdn.cookiepro.com/consent/42225788-6fb1-438d-91a0-0da32c771fe8/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/consent/42225788-6fb1-438d-91a0-0da32c771fe8/42225788-6fb1-438d-91a0-0da32c771fe8.json
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
786fce9d5ecf97fc91a93700cb2f05152a094d85888c6de9586f2d7bd23597c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Nov 2023 16:32:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
h+DopE4uF9L4FB3HcNRW+w==
age
46563
x-ms-lease-status
unlocked
last-modified
Wed, 01 Nov 2023 22:27:52 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ecc3ce32-701e-0045-2412-0dedae000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
823fb1908d8d68f5-FRA
acj
ksl-d.openx.net/w/1.0/ 		288 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ksl-d.openx.net/w/1.0/acj?ai=c2de5f18-6683-4e7e-8e31-549dd9e44e7c&o=28ae2e820ddedf&ju=https%3A//www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&jr=&be=1&prf=0&auid=538687866&aus=300x250&bc=hb_2&bt=2500&dims=1600x1200&adxy=315%2C1456&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=1600x1200&ifr=0&tws=1600x1200&vmt=1&sd=1
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
36c6f004fbdebb97d8b4f43a27f3abe87d906a15bb95e5b21be07cea2a006c77

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.ksl.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
252
expires
Mon, 26 Jul 1997 05:00:00 GMT
acj
ksl-d.openx.net/w/1.0/ 		262 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ksl-d.openx.net/w/1.0/acj?ai=c2de5f18-6683-4e7e-8e31-549dd9e44e7c&o=3053f959aef99b&ju=https%3A//www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&jr=&be=1&prf=0&auid=538687866&aus=300x600%2C300x250&bc=hb_2&bt=2500&dims=1600x1200&adxy=985%2C443&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=1600x1200&ifr=0&tws=1600x1200&vmt=1&sd=1
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ae1bfab525e8210fa28871a8af708b809943d8d7bb429e99e6d8cc196ad01305

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.ksl.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
221
expires
Mon, 26 Jul 1997 05:00:00 GMT
acj
ksl-d.openx.net/w/1.0/ 		263 B
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ksl-d.openx.net/w/1.0/acj?ai=c2de5f18-6683-4e7e-8e31-549dd9e44e7c&o=4357610537a6b4&ju=https%3A//www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&jr=&be=1&prf=0&auid=538687866&aus=300x600%2C300x250&bc=hb_2&bt=2500&dims=1600x1200&adxy=985%2C1822&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=1600x1200&ifr=0&tws=1600x1200&vmt=1&sd=1
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7e900103c3b7dc52478ff2a8b80beface411b2c76e0bf6b37aeae00af72b8a29

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.ksl.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
222
expires
Mon, 26 Jul 1997 05:00:00 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Nov 2023 16:32:48 GMT
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:48 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
326002
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
823fb191bb721cbf-FRA
expires
Mon, 13 Nov 2023 16:32:48 GMT
otBannerSdk.js
cookie-cdn.cookiepro.com/scripttemplates/202210.1.0/ 		381 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/202210.1.0/otBannerSdk.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Nov 2023 16:32:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
DjzI+HdyHvhC2OCs+qd+pw==
age
53780
x-ms-lease-status
unlocked
last-modified
Fri, 21 Oct 2022 01:41:20 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
cfba0cc2-601e-0004-7ae3-ebb54a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
823fb191bf91bbb9-FRA
expires
Sat, 11 Nov 2023 16:32:48 GMT
0
app.protectsubrev.com/caught/rc-CfZeub/1138720650/ 		33 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.protectsubrev.com/caught/rc-CfZeub/1138720650/0
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW03
Resource Hash
caa42ac6fd82f36a473a0550017cb913e7eb2459236f3ded20541e265f60ade1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
RCW03
x-served-by
web03
server
cloudflare
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bib%2FjzS%2B0tttej6bbtO%2FEHnAMOIzCi0okTMm2yWw%2F5SyfgTy89aEM5%2FDTurGT5SQ1j%2B6vnIHz63GZRzgl8w2SrBKsSl2IA8JNH4EMCdg9kIWt0jQc1h36Rewbzbik9hy0mpfO0CT2eto1EybMCHj9WazyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, private, max-age=172800
access-control-allow-credentials
true
cf-ray
823fb191ced69bdd-FRA
access-control-allow-headers
*, Authorization, Origin, X-Requested-With, Content-Type, Range
expires
Sun, 12 Nov 2023 16:32:49 GMT
rules
app.protectsubrev.com/api/ 		3 KB
1016 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.protectsubrev.com/api/rules?id=rc-CfZeub
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW03
Resource Hash
fe1a293cdb4905ed390da36b47fa01878068dc52306b495f97d39c56f00ea2fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2814
x-powered-by
RCW03
x-served-by
web03
last-modified
Fri, 10 Nov 2023 15:45:54 GMT
server
cloudflare
x-ratelimit-remaining
149
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0yuoM9YIdRyTD7PZbsEDmZ0kXJZu%2BuSfZoLqkbP101oigEzR7HgtSiFyNDENOCu0SGtjU8poDyE106K09CahXpXi0XaG2F%2B7UQxqASfgD6yJLuErrt6iQIxIo0hYeISReR%2B879Xs1v%2F6B24v4KYDSBBQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=172800
access-control-allow-credentials
true
x-ratelimit-limit
150
cf-ray
823fb191ced89bdd-FRA
access-control-allow-headers
*, Authorization, Origin, X-Requested-With, Content-Type, Range
vary
Accept-Encoding,User-Agent
expires
Sun, 12 Nov 2023 15:45:54 GMT
syncframe
gum.criteo.com/ Frame 2D3A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ksl.com
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 16:32:48 GMT
server
Kestrel
server-processing-duration-in-ticks
309812
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
pages.protectsubrev.com/ 		21 B
362 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pages.protectsubrev.com/
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW03
Resource Hash
57de05264028a31a958c3315bb559a979fced7919c8920a4c36beaa14c5db5a1

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

expires
Sun, 12 Nov 2023 16:32:49 GMT
date
Fri, 10 Nov 2023 16:32:49 GMT
content-encoding
br
referrer-policy
origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
RCW03
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6fS8FIUSxuPZrFZjPoTg606lSkwVdUHubrur%2BZPgPRtyGmDAr9lsz56thY5PbShKtd%2BK0bT8w4Ocf71tHBhdG10o903fdSf6LPFvJP9YYm8G3qS3%2FO%2Bfega60zIuSoyYsL%2F7b5aCY9KpZ7GSKEgnneE1gmb%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
cf-ray
823fb1920f319bdd-FRA
x-served-by
web03
en.json
cookie-cdn.cookiepro.com/consent/42225788-6fb1-438d-91a0-0da32c771fe8/2bf65cc3-af43-4615-8660-543f2a769de1/ 		141 KB
25 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/consent/42225788-6fb1-438d-91a0-0da32c771fe8/2bf65cc3-af43-4615-8660-543f2a769de1/en.json
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39a1e488d6c5550775840cd635255b77a732fc26081d6ca304f9d14053842849
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Nov 2023 16:32:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
laDwKS05Qf5irdnn7/NRJg==
age
62894
x-ms-lease-status
unlocked
last-modified
Wed, 01 Nov 2023 22:27:58 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9c89c8f2-201e-0015-7112-0d2ffe000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
823fb1923fb368f5-FRA
sid
mug.criteo.com/ Frame 2D3A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=ksl.com&sn=ChromeSyncframe&so=0&topUrl=www.ksl.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=Ftv4znxRQjV6c1cwOFkzNDlyZWRYVXoyT3Bvc3JCRmRPUW81WmFQSTlHa3JNUVlhY0JWSTRxYzhYQ3Y5cWVxVEhBb2dYcDh6TzRDaVNyS01GYlNMd0tTMHpQT3c3NW9Ya0NhVmVHNi9Ja3FTcGswYzhyMHkxcnJEUkRUNW...
423 B
650 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Ftv4znxRQjV6c1cwOFkzNDlyZWRYVXoyT3Bvc3JCRmRPUW81WmFQSTlHa3JNUVlhY0JWSTRxYzhYQ3Y5cWVxVEhBb2dYcDh6TzRDaVNyS01GYlNMd0tTMHpQT3c3NW9Ya0NhVmVHNi9Ja3FTcGswYzhyMHkxcnJEUkRUNWJUNUR4YnU2ZEEyOENPcVdubG10d2VVSUhHb1FxNXFhZWJOdFYvaFBxNTN5RWxBSExDVTI5d1oyamVSQXVzYkhwZEdkL3dmZGpwQUhhUXlzcGs3ckV1bElWenR3Vm5jUkxVems0WG5lWlYwQ2RsSDcxRDVFMWxYcEhQaGJMY3dWM1dWODFRa0lvTzI5c2pYN0E2Ry9pUFdaUEpoWEtoZz09fA&cppv=2
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2fe3a8d53ca6467e9eec155a06745c4de7565d2e53b718d180191ceb92e6898c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:48 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1127688
expires
0

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:48 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=Ftv4znxRQjV6c1cwOFkzNDlyZWRYVXoyT3Bvc3JCRmRPUW81WmFQSTlHa3JNUVlhY0JWSTRxYzhYQ3Y5cWVxVEhBb2dYcDh6TzRDaVNyS01GYlNMd0tTMHpQT3c3NW9Ya0NhVmVHNi9Ja3FTcGswYzhyMHkxcnJEUkRUNWJUNUR4YnU2ZEEyOENPcVdubG10d2VVSUhHb1FxNXFhZWJOdFYvaFBxNTN5RWxBSExDVTI5d1oyamVSQXVzYkhwZEdkL3dmZGpwQUhhUXlzcGs3ckV1bElWenR3Vm5jUkxVems0WG5lWlYwQ2RsSDcxRDVFMWxYcEhQaGJMY3dWM1dWODFRa0lvTzI5c2pYN0E2Ry9pUFdaUEpoWEtoZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
266610
content-length
0
expires
0
partly-cloudy.svg
static.ksl.com/images/weather/New2013/SVG/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ksl.com/images/weather/New2013/SVG/partly-cloudy.svg
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
3d68e16c42b0a651c32705771904b4033f0920b023aaa84c993eb9e9586454ce
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 09:01:06 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
27103
x-cache
img02 Hit from varnish
content-length
1325
last-modified
Sat, 28 Sep 2013 07:26:19 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
x-varnish
491472895 484873234
cache-control
s-maxage=31536000, max-age=31536000
x-server
v41
accept-ranges
bytes
expires
Sun, 10 Dec 2023 09:01:06 GMT
mostly-cloudy.svg
static.ksl.com/images/weather/New2013/SVG/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ksl.com/images/weather/New2013/SVG/mostly-cloudy.svg
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.131.160 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
img.bonnint.net
Software
Apache /
Resource Hash
d09d0c1e4b5e1d1b1c6c0d6e8b478e84ed5002ef9677c44b20db0c0bf1808ac1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 10:58:55 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.1)
age
20033
x-cache
img02 Hit from varnish
content-length
3380
last-modified
Sat, 28 Sep 2013 07:26:19 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
x-varnish
492091397 485626435
cache-control
s-maxage=31536000, max-age=31536000
x-server
v36
accept-ranges
bytes
expires
Sun, 10 Dec 2023 10:58:55 GMT
otFlat.json
cookie-cdn.cookiepro.com/scripttemplates/202210.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/202210.1.0/assets/otFlat.json
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Nov 2023 16:32:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
JuDKxv1jf1Hw0JXasvCaSg==
age
31120
x-ms-lease-status
unlocked
last-modified
Fri, 21 Oct 2022 01:41:03 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
5603c07d-901e-0072-7867-473f02000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
823fb19328ff68f5-FRA
expires
Sat, 11 Nov 2023 16:32:49 GMT
otPcPanel.json
cookie-cdn.cookiepro.com/scripttemplates/202210.1.0/assets/v2/ 		63 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/202210.1.0/assets/v2/otPcPanel.json
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df9aee0014c1553fa6f462aa38714f3f35678bba639483b6141e42e52ec2951
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Nov 2023 16:32:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
iFWm653zpCZXOB0KT4+Hvg==
age
46564
x-ms-lease-status
unlocked
last-modified
Fri, 21 Oct 2022 01:41:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
9b6c65dc-201e-00ac-4ff0-eb2be4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
823fb193290568f5-FRA
expires
Sat, 11 Nov 2023 16:32:49 GMT
otCommonStyles.css
cookie-cdn.cookiepro.com/scripttemplates/202210.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/202210.1.0/assets/otCommonStyles.css
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
087d847ee64707e372f572145600ecbcb13f2dd2382fd8962326f2fed03dd85d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Nov 2023 16:32:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
oQsmwuIlJWH4cKDxpI1ltA==
age
35666
x-ms-lease-status
unlocked
last-modified
Fri, 21 Oct 2022 01:41:29 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
f509f3e5-201e-0058-6db5-06e012000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
823fb193290868f5-FRA
expires
Sat, 11 Nov 2023 16:32:49 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		234 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=5271008516000&correlator=1802692978808192&eid=31079444%2C31079522%2C31079531%2C31079527&output=ldjh&gdfp_req=1&vrg=202311070102&ptt=17&impl=fifs&iu_parts=6686%2Cddm.ksl%2CNews%2CPageTwo%2CHistoric&enc_prev_ius=%2F0%2F1%2F2%2F%2F3%2F%2F4%2C%2F0%2F1%2F2%2F%2F3%2F%2F4%2C%2F0%2F1%2F2%2F%2F3%2F%2F4%2C%2F0%2F1%2F2%2F%2F3%2F%2F4%2C%2F0%2F1%2F2%2F%2F3%2F%2F4%2C%2F0%2F1%2F2%2F%2F3%2F%2F4&prev_iu_szs=728x90%7C970x90%2C620x300%2C300x250%2C300x250%7C300x600%2C300x250%7C300x600%2C1x1&ifi=1&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1699633969182&lmt=1699633969&adxs=259%2C315%2C315%2C985%2C985%2C0&adys=154%2C3463%2C1472%2C443%2C1822%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C0%7C3%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&vis=1&psz=1082x103%7C614x250%7C614x3073%7C300x250%7C300x250%7C1600x4389&msz=1082x250%7C614x250%7C614x250%7C300x250%7C300x250%7C1600x-1&fws=4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=233581687.1699633968&ga_sid=1699633969&ga_hid=40769377&ga_fc=true&dlt=1699633966397&idt=2380&prev_scp=pos%3Dtop%7Cpos%3Darticlebottom%7Cpos%3Dinline%26oxb%3D300x250_0%252Chb-bid-5b168491995c26%7Cpos%3Dright%26oxb%3D300x600_0%252Chb-bid-696945f175bdad%7Cpos%3Dright2%26oxb%3D300x600_0%252Chb-bid-7bea0b732b965c%7Cpos%3Dpixel&cust_params=v%3Dnews%26cc%3Dstories%26article-id%3D50775684%26pt%3DArticle%26stca%3Dtransportation%26author%3Dcarterwilliams%252Ckslcom%26pageviewid%3Dldq938c1dxdw&adks=2487844782%2C1760100392%2C3439513641%2C4170637247%2C4170637244%2C3022542733&frm=20
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce15cec4407e77c697c29602822983015fa67c4915195f2890fe0518780bf1aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34809
x-xss-protection
0
google-lineitem-id
6358070787,-2,6356665108,6408047924,6309421846,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138442269681,-2,138452507948,138453793642,138445187980,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
00bd33c21fd21f2993a60e7dd9823991.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F214 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://00bd33c21fd21f2993a60e7dd9823991.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 16:32:49 GMT
expires
Sat, 09 Nov 2024 16:32:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=1&c=2719&i=7ezkt7&p=ksl-com&s=15771&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjI3MTksInB1Ymxpc2hQYXRoIjoia3NsLWNvbSIsImluc3RhbmNlSWQiOiI3ZXprdDciLCJwYWNrZXQiOjEsIm1vZGUiOiJlbmZvcmNlWgDyKG9va2llcyI6e30sImVudmlyb25tZW50IjoiVVMtRU4iLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS0APIdaHR0cHM6Ly9uZXh1cy5lbnNpZ2h0ZW4uY29tL2Rlc2VyZXRkaWdpdGFsL2ulAPAlL3NlcnZlckNvbXBvbmVudC5waHA_bmFtZXNwYWNlPUJvb3RzdHJhcHBlciZzdGF0aWNKc-cAHz1jABhjY29kZS8mJAHwFWVkT249VGh1JTIwTm92JTIwMDklMjAyMTozMjozNiUyMEdNVBEAUjAyMyZDZwEgRD1mAYEmUGFnZUlEPeQA8AElM0ElMkYlMkZ3d3cua3Ns4gDxMCUyRmFydGljbGUlMkY1MDc3NTY4NCUyRjExbS1wb3VuZC1oaXN0b3JpYy1zdGVhbS10cmFpbi10by1yZXR1cgoA8B11dGFoLWR1cmluZy0yMDI0LXRvdXIiLCJ0eXBlIjoic2NyaXB0Iiwic3RhcsIBwDY5OTYzMzk2NjY4OLABRWQiOjEUAKA3NTYsInNvdXJjPADCaW5zZXJ0QmVmb3JlQgChdHVzIjoibG9hZNYBQGFzb27VAdRdLCJkYXRhUGF0dGVyEgCwbGlzdCI6W10sImlkAO83MDA5OTU3MTE1ODB9LAcC_3g_NzMyBwIMIG11RgNDb25PYnoDH0wNAjc_NjI0DQIHAr4DBC0DAQAEsnN2Zy1zcHJpdGUvBwBWLnN2Z3rvAlJmZXRjaJ8ACu4CPTg3M-cAARQABe4C0kZFVENIX01BTkFHRVJDAALvAm9hbGxvd2XyAiKfNzk1NTQzMjcz5QAHNWltZ-IAgXNsYy8yODcwBQAjMTkHAPATMTEuanBlZz9maWx0ZXI9a3NsdjIvcmVzcG9uc2l2ZV8yMPUFA_ADMmltZ7wACv8APDkwN_8ARzcwNDftAw_mAUC_Njk4ODAyODQyMTABARqTOTcvMjg5NzU1BwBQNDYucG7XAA_kAAs_ODc05ABinzQ5NTI5MTY5OOUBGQ_kACYfNeQAah855ABSHzbkAGgvNzCfBgjyFmQzbmpncnE0dXZiNDk3LmNsb3VkZnJvbnQubmV0L3ZpZGVvanMIAHYubWluLmpzmwQPigcGPzcwMZ0DAC83MZ0DTa85NTA1Nzg3MTA31QEYozk1My8yOTUzMjAHAF80NS5qcJ0EB3d0b3BwaWNrCAEPogQFLTEw9gE_NDUwBQFNnzc4NjQ2MjQyNQUBdA2mBh83BQFYHzb7AgjwAmltYXNkay5nb29nbGVhcGlzwQpwL2pzL3NkaxEKf2VyL2ltYTPzAhUA3wIgZW4ZCgR9Ck83NDY47gFNnzg1NjA0NTg4NKwFCA_kAxjvanMtY29udHJpYi1hZHP7ABQB5wAM-wAfOOkCTIA3MDE1MzE2MfIDD-4DBw_7ABpPLmltYeUEGBA04wAM9wAvOTPyAUuvNzAwNzAzMzI5NJ4HCQ_3ABpvLXNoYXJl-QAZAOUAC_kALzUy8AFMzzY5ODI3MDE0MDY3NvABBw18CjA5NTTXBTM0NjEHAC81ON4FNC0wOd4FPzU3Of4BS882OTc2Njc5MTExNjUFAXIdMWsNHzcFAVkP9QQIDwoCWB4x4wYPBQFZD8IKGSE5NeYIMDA2Nw8DXzA2NzU3iw0LD-4IKg8GAVCPOTE2MTc2NzcOBQkPCwIADwYBRw6yDQ8GAVc_ODAyFgQaEDUFAiQ1NwcALzUyDAILALkTP3lfbLgODy85MBIDAC84MhwFTY85OTIyOTAyMP8LHAT_AAMNAQ8GATgPDAIADwYBWA8dBQgLiBL_CGltYWdlcy9hdXRvcGxheV9pY29uX2xnpBARTTc1MjEIBx83DQhQbzM1Mjk3N4gRCgvmAEJqYXZhsw7QL3JlYWN0LnByb2R1Y7cXD_0IGC41MswPLzcy3AJMvzcwMDQwODQ2NjA34gMakzA4LzI5MDgzNgcALzkx1AERPjY5MZQRPzg0NcADS783MDEwODU0NTE4NroCCA7MBQ_kACYOyAEP5ABZD7YHCABQGQKWDqF0YWdtYW5hZ2VynA7wB2d0bS5qcz9pZD1HVE0tVFZMWjVaJmxAFY9EYXRhTGF5ZSgZET83NTLfAQAnNjTfAQ8oGTq_Njk3NzIxNTE1MDmTEAgP9QBPD_ABAAn1AA8wFkIF-wAP1AIIkWpzLnN0cmlwZeUBP3YzL2MTEQ8cFgEoODekA4lpbm5lckhUTd0YD_sXJb82OTc1NzE3NDAyOPoWCHF0YWcuZHVyCx1RbWVkaWFGFNBzaXRlcy8xMTE1OS9kwgIP4AATD7ABABo3zRsP4AA4vzcwMDE0NzU2NzUyYgUIYHByZWJpZBoRgXJldmNhdGNoswEAEQAPGRUTLjg3GRUBFAAFtRkPtgE8nzk2OTgzMDA2NHAECA8oBwxPLWRvbSwHIwEYBwspEC84OQcWUH85MDI5OTQw9AAIDyIRC1BhcHAtLZ4fTzJmNjUGExQuODkMDxA5ixwF2wEPYQRAvzcwMTE3MjIyOTQ3XAUID-0AQQ7iCw_tAAsSQcUbAoEcAF8VECJGIQ9wHxsF7AAPTQUIAEgGA40g8AcvYXBpLzIwMTcvbWVtYmVyL2FjdGl2-R8DdxsPXB0FPjc5Nt0RARQABcwBD1wdPgDbEQBcHD8yMjGBBAgP3gAJoHJlYXV0aC9jb22tIgegGA_nAHufOTkwNjkzNTU5xxMID-cAAgTZAGQvbWV0YS9dIgZMBg_nAHkAmANvMjM0NTYwfRsnAaUM8xQvZTJjYmMzMDBhNjU3Zjk2ZmQ4MWUzZmEwMWMyYTRlODgtQ_ABD8QMGC85Mt8CAB83wRVMnzcwMDA1OTUyOC8jCg-rBAsPEwFIHjPHDh85EwEKD9EEMQUSAQ_zAwgCSAkE0wThd2VhdGhlci0zMDB4MTbMFgYCAw-JHAMRN5wXCocHODgwMfALD5oGQADQBACcE08wMjMxlRIHD90AMQ25AQ_dAFoPugEI0WNkbi5tb3VzZWZsb3cpCv8dcHJvamVjdHMvNWI0ZGUxMTAtYmMzZi00MGFhLTg3NTEtYzMxNzZiYmY4N2R4CBYOCCQgODARKQWsBg_ODToQN4sQbzQzOTY3NQkMCA_7AFQdOCQMC_sAD9kCQAYBAR82wgYID9QNJA2ZDxo41CQPywE6B9QND7QmCA_KACMPmgEBD54lTwSkDh85HhsID6QOSzo4MDWEDw9xKjsPpA4QD-AAOQ_GAQEJ4AAPYANDA-YAHzNcBQgPig9BODgwNbAhD2wDPA-KDxEP1gAvD7IBAgjWAA-yAUAA8CICZhAfNZkNCC9iZRsSAQHNLQAPDjBlZD8oEjFJZD0pEgbVCANrLwI_DgkEKj84MDYABgAAFAAF-wZ_UkVRVUVTVAUrOb82OTgxMjQ5ODM2NHMPCJB0YWdhbi5hZGz-L0FuaW5nAAgLADAvb3BcEBQtOTLaLiA4MnceBekAD60CPFE4MjM2OOoAD7wJBw_jADwAKxELpQoK4wAPugJCBekAD8wHCHJyZWdpb24triyBLnJ1YnlibHXQAVZjaGVja6sCD4IOBS44MhApKTgyCygPUBAGW2Jsb2NrrC1hIldoaXRljzAPqTAJCicAAbQwrzY5OTc0ODAyNTi9CAkDERQI6gAgdHIxMx9ysAIULTg4-xw4ODI1JRsAzjJgbmRDaGlshy4AcQAPiTErfzE4MzQzMDH4BwgAZAApaWO_AQ_VAB0NvBUL1QAPogJAAGUyA9wAD1wFCAKiArMxLmFuYWx5dGljc9YoAaUC8ABnL2NvbGxlY3Q_dj0yJnQ-GvUhLUpXODlETDdUNUQmZ3RtPTQ1amUzYjgxdjg5MTkzOTkxNno4NzE5Mjk0MjcmX3A9UDMAPBqgJl9nYXo9MSZnY6wFImwxAgDwACZkbWFfY3BzPXN5cGhhbQ8A9QI9MSZjaWQ9MjMzNTgxNjg3LkcA8AE4JnVsPWVuLXVzJnNyPTE2zQ7AMjAwJnVhYT0mdWFiBQAwZnZsBwAwbWI9GAAQbQwAEXAFABB2BgDGdz0wJl9zPTEmc2lknwBQOCZzY3QVAH9lZz0wJmRsqTRggiZkdD0xLjFN7zQ0JTIw8TQxJTIw8zQxJTIw9TQACABCbyUyMPk0BA4AclV0YWglMjD_NAKENRE0HADgdXIlMjAlN0MlMjBLU0zZAfAJJmVuPXBhZ2VfdmlldyZfZnY9MSZfbnNpBwAQcxsB8hBlcC5ERE1fRGV2aWNlX0lEPWVlYTFpbWw5eDkzbiZlHgAwU2VzbTcAHwDEdXR4aGc5M3ptYmwxHwAwSGl0GwDAbGRxOTM4YzFkeGR3GwBRS1NMX01VFQAeAAASAHNFbnRpdHk9nABAJTIwLV420GV3cyUyRkNvbnRlbnQnAHFTaXRlX1Nldh9cPU5ld3MVAK5fMj1GZWF0dXJlGwAzMz1IPjYANgCiVGVtcGxhdGU9QXI2UyZlcG4uawAAlgAEIhQBLACAaXRsZT1ub3SGAYBwZWNpZmllZBkABDAAEVMjNjA9aW7wNTBldF-dNgggANlUZWFtPW9yaWdpbmFsGQDSb3BpYz10cmFuc3Bvclg0ACAAwEF1dGhvcj1DYXJ0ZbsBqVdpbGxpYW1zJTLDAfEecC5UaW1lX1Bvc3RlZD0yMDIzLTExLTA1VDExJTNBNDAlM0EzMC0wNyUzQTAw4gDgV29yZF9Db3VudD01NTlrAFBIYXNfVqovgj1mYWxzZSZ12gEP-AEEO3VwLr4BcHRmZD0yODlVOQMZF69zZW5kQmVhY29udwkBHzLeBQEYOPcMr1NFTkRCRUFDT056CTuPNzc4OTQ5NzfuLAkA6AXxAHMuZy5kb3VibGVjbGlja4YcH2cHBQsPqgQGDyAFDlNhaXA9MfAECwUFCiMFBikID2ABDQ7XChAy2QsF7gkPYAFFjzgzNjAzMzkygiEJAJwXD54gBCBhZ-I6E3QMOwGoIAhqBgqqIFcmY3g9YxMBAQoMD28CACA3OFsCDBoKGDjqNQ_9CjoAiCJ_NjQzNDczOOALCA8GAWAPfggACQYBD34IQtAxMDY0MzQ3Mzg5fV19
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:49 GMT
cache-control
no-cache, no-store
server
nginx
expires
Fri, 10 Nov 2023 16:32:48 GMT
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=2&c=2719&i=7ezkt7&p=ksl-com&s=15379&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjI3MTksInB1Ymxpc2hQYXRoIjoia3NsLWNvbSIsImluc3RhbmNlSWQiOiI3ZXprdDciLCJwYWNrZXQiOjEsIm1vZGUiOiJlbmZvcmNlWgDyKG9va2llcyI6e30sImVudmlyb25tZW50IjoiVVMtRU4iLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS0APYSaHR0cHM6Ly93d3cuZ29vZ2xlLWFuYWx5dGljcy5jb20vDgDwCmpzIiwidHlwZSI6InNjcmlwdCIsInN0YXKZAMA2OTk2MzM5Njc4ODGHAERkIjoxFACwODMyNywic291cmM8AMJpbnNlcnRCZWZvcmVCAKF0dXMiOiJsb2FkrQBAYXNvbqwA1F0sImRhdGFQYXR0ZXISALBsaXN0IjpbXSwiaWQA7zcwMDkyOTI2NjQzMH0s3gBQHzbeAAwxbXV0XAGvT2JzZXJ2ZXJDTOQAOR815AAHwW5ld3MtYXBpLmtzbLoB8gZ2MS93ZWF0aGVyL2dldEhlYWRlclcRAAbJATJ4aHKgAAnGAU44Mzg46AAnOTLGAbJYSFJfTUFOQUdFUkEAAsUBb2FsbG93ZcgBIp81NTg5MjU3NzPkAFUA0AAgZW5GAgaqAgAUAAWqAg_kAEcfN-QABwCKAwTDAfAGYXBpLzIwMTcvbWVtYmVyL2FjdGl2NQMDhwNSZmV0Y2h_AQvAAS85M8ABABczwAFfRkVUQ0jCATnPNjk3NjgwMjgyNjM23gAHEHMeAxVjpALxAWtzbC1yZXNwb25zaXZlLWilAhAvFgACCwAfLnUEEz85MjnvAAAXNu8ADJcDEkE2AQK1Ag96BCIANAKPMTYwODMzOTHwAAcAzgECWAUwdGFnEgQyaWNlWQWvdGFnL2pzL2dwdOUAFS0zMuUAKDQylAMP5QA_vzcwMDIzNDU5MjA41QEI8QRwYWdlcy5wcm90ZWN0c3VicmV2ggRPP25ld2sEDh801wABABQAD4cDRb82OTkyODU5NjQzNDMGCA_UAMEzdHBj5Qdhc3luZGljqQYBqgH2DHNpbWdhZC8xNjAyMDc2NDc0NjMyNzAzMTg0M8EBMmltZzYDCmwELjQzbAQBFAAFwQGJaW5uZXJIVE0LBw8qBiW_Njk5OTY2NDAxNjJ4AxIB4ACwYWRzL21lYXN1cmUcCd8vbD9lYmNpZD1lZm1r4QAQHjR5AyczNF4ED-EAPJ84MzM2NTE0OTInBgwPWQQDAiUGQHZpZXdgBP8BY3VycmVudC9yeF9saWRhcm0EEyA4NOAACx0HARQAD9UBRm8zMTM2OTdNBQo_YXBwZgQA9hJjYXRjaF9ycC5qcz9jYj0wLjc0MTg0NDAwODkwODQyMDThAQ-3CgY-ODA18QgvNDNCBgkP2QkwvzY5ODc3MTE3ODU4ywII8QNoYm9wZW5iaWQucHVibWF0aWPTArJ0cmFuc2xhdG9yP5QBgj1wcmViaWQtawwG9QAP4wkEPjQ0N9YCJzQ41gIP_wg8ALkDfzE5MTU5MzPjCQgP7gBGD-ABAC80Oe4AUh80HwgHQGFkcy4WCDBlbm_hAQFxDUBkcmVxyQIoNjJ9BQ_GAQUeNW8NEDQUAAIUAj8iOiLGATy_NzAwMDc2MTM2MjQSCAgP2AAwD-0IABg17QgP2ABHD3YFCPADZXguaW5nYWdlLnRlY2gvdjEvnAM_cnRibwMPHzVFBgAAFAAPqQFFzzY5ODA3NjY4NTM3MoECBw_RAL5xZGVzZXJldKABsW5vcmF0aW1lZGlhMwUDrAFjL2JpZHMvKQBDP3NyYzoFEl9BBVFfNy4yNMkRA2YND3sDBh41QQUvNTVTBEcAewOPODk3MzQ2OTjSAQcD2AAPAQHn8QJ0YWdhbi5hZGxpZ2h0bmluZ_wBAxcB_wxkaWdpdGFsL2JsLTM0ZGYyMTItNzcwZjQ1MjYaCRQvMjFyBQAYN0oGD-ESOr82OTg0NTYyMDk4MCQICA_0AE4P4wsACfQADHsODx4JMwT6AA8wCAgP-gAT_wItZTA5ZjEwZi02YmEyZGM1Me0BFh0w5AMoNTaHBg_tATyfOTgzNzkzMTI34gMID_MATQ7sAQrzAA_sAUIE-QAPCgsJBk0RC6UW8BRqL2NvbGxlY3Q_dj0xJl92PWoxMDEmYT00MDc2OTM3NyZ0PdAPABQNkSZfcz0xJmRsPfoWkCUzQSUyRiUyRlsAA3YT8TAlMkZhcnRpY2xlJTJGNTA3NzU2ODQlMkYxMW0tcG91bmQtaGlzdG9yaWMtc3RlYW0tdHJhaW4tdG8tcmV0dXIKAPIgdXRhaC1kdXJpbmctMjAyNC10b3VyJnVsPWVuLXVzJmRlPVVURi04JmR0PTEuMU1YADQlMjBaADElMjBcADElMjBeAAAIAEJvJTIwYgAEDgByVXRhaCUyMGgAMCUyMGoAARwA4HVyJTIwJTdDJTIwS1NMAAX3CyZzZD0yNC1iaXQmc3I9MTYwMHgxMjAwJnZwDQDwAmplPTAmX3U9YUNEQWdFQWpBAQDwBkNBRUt-JmppZD02NzkxNTU5ODImZw8AIDE5LxBQNzU5NyZLD6YyMzM1ODE2ODcu-Rf4EyZ0aWQ9VUEtNzI4NzcyMDQtMiZfZ2lkPTE3ODkzMTk2NTAtAPArX3NsYz0xJmd0bT00NUhlM2I4MW43MVRWTFo1WnY3MTkyOTQyNyZjZzE9TmV3cyZjZzI9RmVhdHVyZQ0AMzM9SJcB_AYmY2QxPWVlYTFpbWw5eDkzbiZjZDIRACUzPacA_zQ3ODc4LmU2NngzcXE3JmNkNT0yMDIzLTExLTEwVDE3JTNBMzIlM0E0Ny44NzglMkIwMSUzQTAwJmNkNj0xLjAmY2Q3TgJhl2NkOD0mY2Q5PbwCAPsAYjA9R1RNLTcBABAAQDE9NjEIACAyPbMAIzEzPgE3ZDE0PwE5ZDE1QAEjNj05AnAlMjAtJTIwcgGgJTJGQ29udGVudE8AJzc9DQBwOD1DYXJ0ZXcCqFdpbGxpYW1zJTJ_AlRjZDIwPU0DAJABFTNlAUAwNVQxUgEgNDBqATAwLTByAQFfAVAyND1pbvwZMGV0X2oDADgAoDU9b3JpZ2luYWwOADI2PUGrAwANACE3PRQPMHBvcmUWEW_3ARA4FAAgZGnuGgEyAPAJMzE9bGRxOTM4YzFkeGR3JmNkMzM9bm90cQPRcGVjaWZpZWQmY2Q0MS0BYDQzPTU1ORAAEjcQAB85tgAQ4DUwPXV0eGhnOTN6bWJsewEqNTESAHNnY2Q9MTFsAgDwACZkbWFfY3BzPXN5cGhhbQ8AED02AC80PVMDAqB6PTMzNDQ2MTUzWBwPowoLLzU3zAUAGDe6Eg9GDTy_Njk3ODQ5MDQ2MDG0BwgAsQICvBIPyAX______xsOPRIfNcgFVA--FAgAzR32BXMuZy5kb3VibGVjbGljay5uZXQvjwuAdD1kYyZhaXCWC0hyPTMmnwsOHAoPRwoGAG8KD34KBw9TCgkLzQoRR80Kz3o9MTEwMDU0NTg0N7kTDi41N-cRARQAD7kTRwJKHy8yOHQdCQ98Af9qD8AIBv8CcGx1Z2lucy91YS9saW5raWRnEBQuMzGeGCg1N34aD2cQPY8xNDA0MzQzMgIfCA_mAD8AByYLVBwK5gAPWhBDBOwAHzk1FQcATgMWaZciIG0tgyJAbWVzc9ogcy10d2lsaW9ZGxQvFwAP3AEVHjZoGyg1OIsjoGFwcGVuZENoaWw4JQCLAA8QJye_Njk5MDA1NTE1NjWfGQgAZAAP7wBFHzkvBQAJ7wAP5QFDA_YAHzivBggG0QKgdGFnbWFuYWdlchwRQC9ndG09HiFpZDoPok5LTVFWR1EmbD2EJIBEYXRhTGF5ZSknA28ND0geBy8zNv8AAAATAQUuBg_KAz2PMDI5MTQ4MzExFAgP-QBSAOUADN0DABQABfkAD_gBRAL_AB80_wAID_ciRQ7qASg2MRsWD_EAQwT9Ig9gDxIB3wIP_SIsDvIqKDYyvwQP5wALQGVycm86Ay9yZdcrGSU2OQQjD7YFCCBjb_ssUi1jZG4uCwAxcHJv8gBAY29uc_Ui_xY0MjIyNTc4OC02ZmIxLTQzOGQtOTFhMC0wZGEzMmM3NzFmZTgvJQARXy5qc29uKwoOLjY5pwsZNgQDD28RPL83MDA0NzU1NDg3NgADCAIcAQ8nAXkPOgMAGDnuCA8nAUcPTgIhAu4F_wR0ZW1wbGF0ZXMvb3RTREtTdHViAggULjYwMhwoNjkTL39yZXBsYWNlAwg2jzYzNDc5Mjcw3gkIDxUCBg_uAC8OuiEK7gAPMQQLD40rJgP0AA8mHQgP9ABIDmgVD_QAWQ_hIQgAyQogZC76IBF4nA_wCXcvMS4wL2pzdGFnP25jPTY2ODYtS1NMX-EXBuEEAgUCD-4pAS41NqsMKDcwzQIP3wFAAPogfzYyODU0ODXfAQgP6wAD9TBhY2o_YWk9YzJkZTVmMTgtNjY4My00ZTdlLThlMzEtNTQ5ZGQ5ZTQ0ZTdjJm89MjhhZTJlODIwZGRlZGYmanXaGQIkMwMkHBMvIhwUL9MYHy8eHC_2MGpyPSZiZT0xJnByZj0wJmF1aWQ9NTM4Njg3ODY2JmF1cz0zMDB4MjUwJmJjPWhiXzImYnQ9MjUwMCZkaW1zPdQb9wNhZHh5PTMxNSUyQzE0NTYmcmUeANN4MjQmcGxnPXBtJmNohhyHdHo9LTYwJncnAIkmaWZyPTAmdBQAUHZtdD0xShwPehgPLjgwki8BFAAFDwoP5AU8AEwpbzQ5NTc1MjYrCQ8jAv-PLzEwQCVHDyMCV-8zMDUzZjk1OWFlZjk5YkYEgG82MDAlMkNQBBkgOThQBD80NDNPBGMeMWEHEDgUAA9PBEUQN2AwMDA0MIAFDzcSBw9PBDEPLAL_s8A2MjA0MDM4Njh9XX0
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:49 GMT
cache-control
no-cache, no-store
server
nginx
expires
Fri, 10 Nov 2023 16:32:48 GMT
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=3&c=2719&i=7ezkt7&p=ksl-com&s=7192&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjI3MTksInB1Ymxpc2hQYXRoIjoia3NsLWNvbSIsImluc3RhbmNlSWQiOiI3ZXprdDciLCJwYWNrZXQiOjEsIm1vZGUiOiJlbmZvcmNlWgDyKG9va2llcyI6e30sImVudmlyb25tZW50IjoiVVMtRU4iLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS0APBQaHR0cHM6Ly9rc2wtZC5vcGVueC5uZXQvdy8xLjAvYWNqP2FpPWMyZGU1ZjE4LTY2ODMtNGU3ZS04ZTMxLTU0OWRkOWU0NGU3YyZvPTQzNTc2MTA1MzdhNmI0Jmp1PWheAPE6JTNBLy93d3cua3NsLmNvbS9hcnRpY2xlLzUwNzc1Njg0LzExbS1wb3VuZC1oaXN0b3JpYy1zdGVhbS10cmFpbi10by1yZXR1cgoA92x1dGFoLWR1cmluZy0yMDI0LXRvdXImanI9JmJlPTEmcHJmPTAmYXVpZD01Mzg2ODc4NjYmYXVzPTMwMHg2MDAlMkMzMDB4MjUwJmJjPWhiXzImYnQ9MjUwMCZkaW1zPTE2MDB4MTIwMCZhZHh5PTk4NSUyQzE4MjImcmUeAPcNeDI0JnBsZz1wbSZjaD1VVEYtOCZ0ej0tNjAmdycAiSZpZnI9MCZ0FACQdm10PTEmc2Q9GALwAnR5cGUiOiJ4aHIiLCJzdGFy5gHANjk5NjMzOTY4ODE21AFKZCI6MRQAUHNvdXJjOQCyWEhSX01BTkFHRVJBANF0dXMiOiJhbGxvd2Vk_AFAYXNvbvsB1F0sImRhdGFQYXR0ZXISALJsaXN0IjpbXSwiaWYAzzgwNTM4MjU5OTd9LC0C_7I_NywiLQJrIm9hVwQxY2RuWgSTZXNwLmpzIiwi-wJic2NyaXB0vQIL_gIuMzD-Aic1M9EAoGFwcGVuZENoaWzrAjJzdGH-AltibG9ja_4CYSJXaGl0Ze8CDwkDCQonAAEUA883MDAyNTI2NjQ2NzkUAwfhdGFncy5jcndkY250cmzqAP8EbHQvYy8xNjU4OS9zeW5jLm1pbvoAFS81NfoAAB84-gBgnzgxMjMyMDA2MfoABzBpbnZ6AeBpYzEwMS5jcmVhdGl2Ze4BAOwF9gNlbmNyeXB0ZWQtc2lnbmFscy8SAF90YWctZxIBFh44EgEvNzUSAWBQMTI0MjjVAQ8SAQfxC3NlY3VyZXB1YmFkcy5nLmRvdWJsZWNsaWNrGALyFXBhZ2VhZC9tYW5hZ2VkL2pzL2dwdC9tMjAyMzExMDcwMTAyLz0A9wRfaW1wbC5qcz9jYj0zMTA3OTUzNQYPOgMHPjQxMi4BHzhAAhAwbG9hSgMvcmU1BhyfODc3ODcxMDQwFQGKHzQVAQwxbXV0GAmiT2JzZXJ2ZXJDTJcEAlYEDxwBLR8yHAEH8QJhcHAucHJvdGVjdHN1YnJldigJ8A1jYXVnaHQvcmMtQ2ZaZXViLzExMzg3MjA2NTAvaAoDQQUPPAgEHzk8CAABFAAPDwZHnzk0OTAzNzY4OS4ECA_rAO7VYXBpL3J1bGVzP2lkPdwBBhAHUmZldGNoeAIKDwc9OTE3wAIBFAAF0QFfRkVUQ0gPCjx_ODI3MDcyMw8KCQL-BXEuY3JpdGVv4gRQanMvbGTEBADkDJ9lcnRhZy5pZHPrBRUeMusFLzk0vQRHrzc5MDE5NjY4OTWhAwcP4wA9ALoGImVucgsD7AsK4wAPiwRCA-oALzk0iwQIAJ0GH3ONBAAPoQIRHzW5AQAAFAAPoQJJrzkyNzcxOTQ0MzO-AQfxAWNkbi1pbWEuMzNhY3Jvc3NeBS9vYpACFQBzCgytAS82MXsIDw8xBiSvOTUyNDE5MTU0ONIARh43Vw4ZOdIAD38CQgTZAB83HwYIEWPOEBItPwoA2RAxcHJvrwHwRGNvbnNlbnQvNDIyMjU3ODgtNmZiMS00MzhkLTkxYTAtMGRhMzJjNzcxZmU4LzJiZjY1Y2MzLWFmNDMtNDYxNS04NjYwLTU0M2YyYTc2OWRlMS9ljgsvb27ZAhEfODABABg4Wg0PegVAnzc3NDU4ODE5ONkCCQ8uAQUCGwrwAnRlbXBsYXRlcy8yMDIyMTAu1BG_b3RCYW5uZXJTZGsBAxUeOY4MHzlOCkavNzAwNjM5MTY5MkcICQ8oAgYP-gA6PjkwMXMHCfoADykDQAcBAQ-EEQg0Z3VtcgcAaA0AYQ7TZnJhbWU_b3JpZ2luPWEUAX0Ht2lkcyZ0b3BVcmw9iBPAI3slMjJ1aWQlMjI6CwACOQAADgCPMH0sJTIybHccAAdgYnVuZGxlLAAPOgABZG9wdG91dB4AQXZhbHUrAFBmYWxzZVoADGoAH3NpAAchdGygADMlMjI-FDAlMjJDAALPAABjADclMjLVAAMfAAOVFQAgADAxNDQxACBjdw0AMXRydYIAKWxzDwAGkQA7JTIyOgEDUgADRBUUSY8A9gcwLjI0MzQ3MDMxOTIyMDI3NzQlMjJ9TQQRaY4BD8gJAh0zJwc_OTA4yw4QD1AGJZ8xNjM3ODc1NzZQBgcPTgL_qR00FgwLTgIPowRAMzY5OVUCHzg1CwgPpAUh_wFhc3NldHMvb3RGbGF0LmpzoAcRPTkxNO8QODkxNCkUD6AHPq83MDEzOTI5OTU49BAJDwIBKLB2Mi9vdFBjUGFuZQISDwgBFBwzrwYQOf8EBgIWDwgBPr82OTkwNTAxMzA5NfwRCA8IASj3Am90Q29tbW9uU3R5bGVzLmNzOxYPKw8FPTkxNLIIAhQAD4oMSsA5ODE3MzQ2MDZ9XX0
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:49 GMT
cache-control
no-cache, no-store
server
nginx
expires
Fri, 10 Nov 2023 16:32:48 GMT
getstylesettings
app.protectsubrev.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.protectsubrev.com/api/getstylesettings?id=rc-CfZeub&v=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW03
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*, Authorization, Origin, X-Requested-With, Content-Type, Range
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
*
allow
GET,HEAD
cache-control
no-cache, private max-age=600
cf-cache-status
DYNAMIC
cf-ray
823fb1948ab39bdd-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 10 Nov 2023 16:32:49 GMT
expires
Fri, 10 Nov 2023 16:42:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HXwDczjvBEPR%2BP1JSVbjbzsEPobcfEk2SON4KOnffra5aW0ATK07Y%2B6HYg0bo7EqFUqeV%2BF1%2FNGX9xLqPQmmj78eCF8cHcGD%2F4abRaYBcIDpiqj1ugOAd4D0M94Df5xBlAPNHu9C%2F3GnCKjDnlzONUN4GA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent
x-powered-by
RCW03
x-served-by
web03
getstylesettings
app.protectsubrev.com/api/ 		2 KB
778 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.protectsubrev.com/api/getstylesettings?id=rc-CfZeub&v=0
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW03
Resource Hash
66f38cac3b88e3960e14d0ea8c136ddd9b281efb6413d8023271662dd8dedcab

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 10 Nov 2023 16:32:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2420
x-powered-by
RCW03
x-served-by
web03
last-modified
Fri, 10 Nov 2023 15:52:29 GMT
server
cloudflare
x-ratelimit-remaining
149
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMAjWMIUUkG6D0pVrl4%2Bir4K4v5VQ5volYRwDMcNgl0gqCyBuPV0Ee8ti69eph9E%2F9sA7J%2BMZ1EWZBqQUCCbCDR9q6bGWXgLJfvsgOmKebyEX%2FtUl7JKxGkU2qWQ9Bm5L8bkUdrP4AbMSfno7%2BddKVyqaw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=172800
access-control-allow-credentials
true
x-ratelimit-limit
150
cf-ray
823fb1957be39bdd-FRA
access-control-allow-headers
*, Authorization, Origin, X-Requested-With, Content-Type, Range
vary
Accept-Encoding,User-Agent
expires
Sun, 12 Nov 2023 15:52:29 GMT
ot_close.svg
cookie-cdn.cookiepro.com/logos/static/ 		651 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookie-cdn.cookiepro.com/logos/static/ot_close.svg
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Nov 2023 16:32:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
24345
x-ms-lease-status
unlocked
last-modified
Wed, 08 Nov 2023 19:23:24 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b718bf18-301e-006b-0d3d-13bfb9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
823fb194ac52bbb9-FRA
expires
Sat, 11 Nov 2023 16:32:49 GMT
cookiepro_logo.png
cookie-cdn.cookiepro.com/logos/static/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookie-cdn.cookiepro.com/logos/static/cookiepro_logo.png
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
088dbe5e4bb2f902e2e7c62ca7a15bae5cb55f4708d99f7c4daae7148a19a865
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Nov 2023 16:32:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
content-md5
IipuN9Einq/0wIZw6VIt/g==
age
43847
cf-polished
origSize=36419
content-length
36343
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Wed, 08 Nov 2023 19:23:24 GMT
server
cloudflare
etag
0x8DBE0902D820CE1
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
c1788666-301e-0036-57da-12b53d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
823fb1954d29bbb9-FRA
expires
Sat, 11 Nov 2023 16:32:49 GMT
poweredBy_cp_logo.svg
cookie-cdn.cookiepro.com/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookie-cdn.cookiepro.com/logos/static/poweredBy_cp_logo.svg
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8df4e2508308452516a8972eb7d993d970eefeea6705487b0e100c0fa7b4b447
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Nov 2023 16:32:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
uInNdQwuuw8s7lYl3cE7eQ==
age
41264
x-ms-lease-status
unlocked
last-modified
Wed, 08 Nov 2023 19:23:23 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
d0f239ca-701e-0045-6db1-12edae000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
823fb1954d2dbbb9-FRA
expires
Sat, 11 Nov 2023 16:32:49 GMT
s.js
cdn.siftscience.com/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.siftscience.com/s.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.67.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.67.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
eeedc1abe03200da1b9ad6c8d55cfc0c7a5f8c47e492d5826f64f3e719eacb76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 13:49:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1305813
x-guploader-uploadid
ABPtcPrpWrrkjBrDAWi7zXpGnSNqQhD1RbWpgmoSpzmfynnfH7j6Yi4kwFRkJXKq0DZAZqx8eRgV47GTIGNN_wMXJQAb
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20500
last-modified
Tue, 28 Feb 2023 22:39:30 GMT
server
UploadServer
etag
"476f50cbc514dd2a147e8856d7d6a2eb"
x-goog-generation
1677623970358201
x-goog-hash
crc32c=v7KhDA==, md5=R29Qy8UU3SoUfohW19ai6w==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
20500
accept-ranges
bytes
expires
Fri, 25 Oct 2024 13:49:16 GMT
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame 6B75 		200 B
840 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
5425691
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 10 Nov 2023 16:32:49 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Fri, 08 Sep 2023 21:23:50 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
726384
x-content-type-options
nosniff
x-request-id
5fba2203-2a11-4d71-9134-476e7f3c7e1f
x-served-by
cache-fra-eddf8230118-FRA
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311070102&st=env
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
817bd8ba7797e05751daf4ce88ac96d89a3dbf9d8580e6d745bb1597a003a6f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12223
x-xss-protection
0
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame 6B75 		631 B
526 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 10 Nov 2023 16:32:49 GMT
via
1.1 varnish
age
5425691
x-cache
HIT
content-length
399
x-request-id
c911747d-09ac-4bfe-aa56-c9a31235a03c
x-served-by
cache-fra-eddf8230118-FRA
last-modified
Fri, 08 Sep 2023 21:23:49 GMT
server
Fastly
etag
"70cacf09ae81711ac6dcbc5ee59750c4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
692630
csp-report
q.stripe.com/ Frame 6B75 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 10 Nov 2023 16:32:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1699633970047359
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1699633970046655
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 6B75 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 10 Nov 2023 16:32:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1699633970047892
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1699633970046692
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame D6AB 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
42
cache-control
max-age=300, public
content-encoding
br
content-length
540
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 10 Nov 2023 16:32:49 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
71
x-content-type-options
nosniff
x-request-id
602376e3-9e14-4c47-81b9-9e2abc84fbca
x-served-by
cache-fra-eddf8230118-FRA
x-timer
S1699633970.587224,VS0,VE0
user
messages-microservice.ksl.com/ 		0
368 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://messages-microservice.ksl.com/user
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.147.130.148 Herriman, United States, ASN11319 (DDMINC, US),
Reverse DNS
messages-microservice.ksl.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Fri, 10 Nov 2023 16:32:50 GMT
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, DELETE, PUT, PATCH, OPTIONS
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, X-Requested-With
Keep-Alive
timeout=5
csp-report
q.stripe.com/ Frame D6AB 		0
491 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 10 Nov 2023 16:32:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1699633970046927
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1699633970046365
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame D6AB 		87 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Fri, 10 Nov 2023 16:32:49 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
285
x-cache
HIT
content-length
15509
x-request-id
607e5b3f-ce5d-4337-8b35-1e088874a078
x-served-by
cache-fra-eddf8230118-FRA
server
Fastly
x-timer
S1699633970.612127,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
432
322035.gif
hexagon-analytics.com/images/ 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hexagon-analytics.com/images/322035.gif?bk=46e0e4c3e4&tm=50&r=785146830&v=106&cs=UTF-8&h=www.ksl.com&l=en-US&S=e415aa7727e19753a19e89ea9036fb77&ui=0&uu=060e74bb468865b18c290191e1cdebf&t=1.1M-pound%20historic%20steam%20train%20to%20ret&u=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Win32&to=-60&d=60&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=64d58bfddb44af6942e7931de5174ca7&z=z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
42.232.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:49 GMT
via
1.1 google
x-content-type-options
nosniff
server
nginx
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Jan 1970 00:00:00 GMT
6
m.stripe.com/ Frame D6AB 		156 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.215.240 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-215-240.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
20bfbab5a8b1b288e6dc6800d88c535706b181ad01830c847b306284e03c3769
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Fri, 10 Nov 2023 16:32:52 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1699633970181367
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2705
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1699633970178646
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 10 Nov 2023 16:32:49 GMT
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame 595E 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 17:34:10 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
1119520
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
OzLam_NawWJoaFB3JgM-wipofceULqrBn8Gr7LTHISGBwLpUwiSLXQ==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 595E 		198 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63768
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:50 GMT
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame 34ED 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 17:34:10 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
1119521
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
nnnXSGEfysRtkf1FaAWbbOyTcW0WCUUVI6Rahz-XvUE-Ki4th4nCMg==
1777743085110748409
tpc.googlesyndication.com/simgad/ Frame 34ED 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1777743085110748409
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b443c91a895c0be29a92a6e1a024ab643261fe48b45091a5b4153dd17fe54901
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 02:30:29 GMT
x-content-type-options
nosniff
age
136941
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87691
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 18:07:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Nov 2024 02:30:29 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/ Frame 34ED 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/abg_lite_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 18:19:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
80006
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 18:19:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame 34ED 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/window_focus_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 15:42:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
3017
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 15:42:33 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 34ED 		198 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63768
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:50 GMT
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame ADDC 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 17:34:10 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
1119521
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
BJ1Tk3HwzJ6H6GRJOD41XfYXGGd-D5W3QzNzVjzDyoMM2uDzr22PXw==
10953529777005510485
tpc.googlesyndication.com/simgad/ Frame ADDC 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10953529777005510485
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3a5e126c9316733a646ea76bda2dd40b7ca42a43a8c1d08d7b9dd9aaec5524f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 01:56:25 GMT
x-content-type-options
nosniff
age
52585
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78038
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 20:17:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Nov 2024 01:56:25 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/ Frame ADDC 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/abg_lite_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 18:19:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
80006
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 18:19:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame ADDC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/window_focus_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 15:42:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
3017
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 15:42:33 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame ADDC 		198 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63768
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:50 GMT
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame 82E4 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 17:34:10 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
1119521
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
2UBN4i-BWrywwSI0OX143KTrSF8mYgSgBdo9y1M-gAq7FEeuB31yFA==
5256022634989738257
tpc.googlesyndication.com/simgad/ Frame 82E4 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5256022634989738257
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de8c73a2e86c95d68c01308cb3651428fe2688dbd53cbdc49b3d955e09860300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 06:22:44 GMT
x-content-type-options
nosniff
age
123006
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76862
x-xss-protection
0
last-modified
Wed, 30 Aug 2023 16:50:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Nov 2024 06:22:44 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/ Frame 82E4 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/abg_lite_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 18:19:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
80006
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 18:19:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame 82E4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/window_focus_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 15:42:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
3017
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 15:42:33 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 82E4 		198 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63768
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:50 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52840
x-xss-protection
0
server
cafe
etag
13540662535898780748
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 595E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssR_GEo5UjIpJfABLAk-TB5_6qpp86RhxcpBJtO7_LMwv23j9TMGWFAIGmIwITAdxk8OljZFXQgXa_s1SzdPDyVZkSarykCuQI-WlyNr2O_44ll9lgveQ_jChxuHKFR4nCR2Dymsc0KBOkkGk3AJchrvepGT-LiubkJJYqLSZW69YHtbMj8CdttYJidDsev5Xj-k_lqNDaLsOmLG7bK8_-LraD6UL1i5tvwMZfeyJ16i4N2b74VCOV48KtQyHwwHpaQnQ0Ab3HMx6O3Rk0z0GKuPGOJR1iXTj4usrWOWA6LmOoZgmhKULIwmt-Cb2C-5fuBnIIgOOeafEIND65AZ-6AQovONJyX3avZnu_7vxY7b0JsXI4D-vkqkA&sai=AMfl-YTD8FVJk35nyQHRGWFan37CmO1FfmYfg1fgqpcIUc8-SJTPiQMXixDM7HqiaCe_Q-Zek6TLvWmjpDihTsj-fztM4Q5nWNBI78LQFpk2MpBd1zMugXhQK8kVofrGdGVyJfn4Qo7gmRrsc-N0IBqvckbH&sig=Cg0ArKJSzK4w6j-X1XvPEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 10 Nov 2023 16:32:50 GMT
smb-dispad_728x90.js
saambaa.com/widget/gpt/728x90/assets/ Frame 595E 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7029d848f52bfa1b717070483f5a9446bade819c06378e48eb09652eda2a8bb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:45 GMT
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 23:18:29 GMT
server
Microsoft-IIS/8.5
etag
"8010ef456e5d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
12006
view
securepubads.g.doubleclick.net/pcs/ Frame 34ED 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstriBtW5WeTx4smU0F3a28VEmBhjIFhC0rxEFEOtI1Q-4UphwJPZH-IdMeKLyOyNYHN5v5wdZzyZXhG74kmoppviEmShAIlCMMqIB1QuG5Av_szUGkmcVteS49gezQOo3LpIWnZbvz0Gx_sARBQ-abQdbw278KJiRSsxGmmGSx4bDH-1SLu3mWra0eMrVufoiMHpfs5_y3VPATBQ1SWwc5jQamowlpD6SbIOSW3GIs0rp_Gip8vykkwE2HhvsIq2FkF-zPfY1wJ8Rq2lMnfD4T1LsWE69Q80LwkNQZuElFac3qbU3sfVWuynXRTZ2pACd5pOW2vZ8QQ5M9eLnNaG6FqTWMEiGew6gbHGe5BkqqwAlCAN5a0kUUFdQ&sai=AMfl-YTtLKJ70MoLnqPKC07vngxOpsFyucd5bMvYrVXy55IAn6jCBgAdFQAyct8M60Ort8BnshMfMBYISjf2fGgKAmQol2iAupA6h1py7JQBUZObTNqELpldyr7WUvE6_8iG5lvM2nq38fRUmdJ6RyhMeixG&sig=Cg0ArKJSzJk6w67VlwWiEAE&uach_m=[UACH]&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 34ED 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1de4ed6060f4cfc95630431e5658bb447548569491ce757496491f944694d8b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame ADDC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9KHRFULcV1zdNJpkdJBTJOLPiHJ0hCdU6uaxNyhtJbFb_NhLDGvL6_osZZhJIXNVB_Ml5egmJ5KjarCxNFiHjgbS6wnnfmM70SMqf1O3h6RoQY3e0kjiJX7EriYlW6ukQHf5t2iRyHhGy0ur2VlnJtiCfA7aXnscN2opsoir6jJapnHpCtdzidxY03gQYvFcgsA5PKxDQ8abv5uGCzxqfKMA72dZd4A5nIg_X-08o2g-BIjJZLBaePydAY2ZlyWkZgidsoLHoRLo7iYseHN3swdJ3-VMiPoFkF7erEzZXqt-kCMLrXr0vL5-y1eDm7RsOub67f-rnkIcCul2e7Tqz2W3iWMH2NvBxp165zFDFUq-68dgDo5N0Kw&sai=AMfl-YQK7zmqFv1IGkYvwrRIbLxbRChwnuxHj380DvNqopdFkwiIApyuVca4bmImUGQ7quQVfDOC69cQzNvNtWkF4qkN-inERoZz_24S15mdTSycl0NOFSD_Jpc3MhRtoEomiWnWoLvOoODHclKFgoobqzQQ&sig=Cg0ArKJSzPCIxvpAhshFEAE&uach_m=[UACH]&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
apstag.js
c.amazon-adsystem.com/aax2/ 		265 KB
65 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a15af42dcf8e6705a1ecea1dc8a864ce0c050b8c2dc5365d760f6f8b2477825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:10:53 GMT
content-encoding
gzip
via
1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront), 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
last-modified
Wed, 01 Nov 2023 21:46:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
1319
x-amz-server-side-encryption
AES256
etag
W/"952090f32d44601808d121a61e707826"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
-B4ip8x79jBntDJzUIGNWq638RDtoX16C5InKlTXzRpkS6U7Ozy15A==
truncated
/ Frame ADDC 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00e414261ca89afd5617c8fc2e6640b40bfcc69f9b5b71fc7f0b6726e09fa55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=40769377&t=event&ni=true&_s=1&dl=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ul=en-us&de=UTF-8&dt=1.1M-pound%20historic%20steam%20train%20to%20return%20to%20Utah%20during%202024%20tour%20%7C%20KSL.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Block&ea=off&_u=aCDAgEAjAAAAAGAEK~&jid=&gjid=&cid=233581687.1699633968&tid=UA-72877204-2&_gid=1789319650.1699633968&gtm=45He3b81n71TVLZ5Zv71929427&cg1=News&cg2=Features&cg3=Historic&cd1=eea1iml9x93n&cd2=eea1iml9x93n&cd3=1699633970958.2cf4ztza&cd5=2023-11-10T17%3A32%3A50.958%2B01%3A00&cd6=1.0&cd7=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&cd8=&cd9=www.ksl.com&cd10=GTM-TVLZ5Z&cd11=61&cd12=0&cd13=News&cd14=Features&cd15=Historic&cd16=KSL.com%20-%20News%2FContent&cd17=Content&cd18=Carter%20Williams%2C%20KSL.com&cd20=50775684&cd23=2023-11-05T11%3A40%3A30-07%3A00&cd24=internet_team&cd25=original&cd26=Article&cd27=transportation&cd28=traditional&cd31=ldq938c1dxdw&cd33=not%20specified&cd41=0&cd43=559&cd47=0&cd49=2023-11-05T11%3A40%3A30-07%3A00&cd50=utxhg93zmbl1&cd51=utxhg93zmbl1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd4=233581687.1699633968&z=1415289269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 10:06:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
23165
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 82E4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-IgdJGOieeCxBIOz7Lz-ZwPD8ny2D3ee8sR_yRdoxXfcuNrey4isdrjcd6FrsMYGc9DIYXgiullnaCko70wVlhAuTAbxCsClFnry277WIK91uny-_4R6ZxnSZXpy3yvcoHKlBbIVYoA_PKyxw0GLictfhW10WfW7WHIPAspkHyZDu3pY8ACUoLcSSxSx_L7qQ8DBevVu01W4cqZoKjUK_o9LKfcjoyE5zqnScBHNQt3h4Cj5VlcEn9O9T-xkrV49ensEy-DC1mGak27X7lH7lpTtkseNle7IrS9qcw_8wOAN5MnYS-VUkRs4WFdiIzjUPZqeneRWm-m2Kv0ZEwfkYliK8xVtnXCzsrVZrUTxizCchxVGK4dPIlg&sai=AMfl-YS3lA-Xm4THwn5h0wX93TrFyf1pYbq6Gd8ndINe8YOM7vhcZAgk2RKFBVnFj4i-Zb2CebW7xMwrkQlEh9WGAnJPN_QY4Xjuwz_AqCkOSRvPuSYvmI6MEiKZ0EUxG5llPwTInLoXY7qlxjnkLiiwNoBz&sig=Cg0ArKJSzPGoJYLbZx1FEAE&uach_m=[UACH]&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 82E4 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4bf89769e19c2506a8b8ab0661165c2e8b1b4a46411e363ac118653fbe0580c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F17A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3018
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 15:42:33 GMT
expires
Sat, 09 Nov 2024 15:42:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CD04 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8585bc1dccfc07ded8089244f8ace10eeac78a61d670e12ff0dc4db8969cafff
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_a3HPf5-Y2P6L_zp5A-wtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-_a3HPf5-Y2P6L_zp5A-wtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 16:32:51 GMT
expires
Fri, 10 Nov 2023 16:32:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/ Frame 595E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0442b6a649fea4622d37e7a5749aad5b7f4d08a63fc71bed1b7264b6785565ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 82E4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpj7jX5o8tv_mUttg_d3R7KJ_67BttFEXsZcuNzf0TIzmrXPkkLGcCA2SBC4PbddiDqgQMZDV7uQQ5MmyHzxmWfwlg8NeERs1NccP-7YhrBYPAS6J5JOc8hBmjO-sk7Mzx8I-rZmyzMKY05HfrwD-DUV_HwwhZwzu4air4P-XuD5qfb4v_5jAEgLZSpp6owaFHYV0r0c9djE9HpAbn6mUtQwt9Iib8YpeKtCvJlvjiY6ihQRg34PvUZ1qPqtHKU9m7xHCLwuP6JmiLwUK2KAFuGZGq27IoukC6RLuIUpVEl0b9dO_sccbBx2WvStTkQYjV0mCleyedQrFrvxRy2Rkdgf-mnrtMO8qGAAfJFC7tOxxTBIoYuLMHbGxa&sai=AMfl-YRRXP6JUo-g0p_Xfy47wCycobEOqnpP9cqx5dq_mtSG-XJk2XGrHuwVBksEpAZJwgfmzPMLALP0-zlfTotu9Kl-Aj1c-4xJfkpJWKffbAeRI91wpyjuMMj1GpZLmR36WJsFTQm_SEf1idyFQB3rH0iY&sig=Cg0ArKJSzOR6frlGy2-1EAE&uach_m=[UACH]&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 10 Nov 2023 16:32:51 GMT
/
pages.protectsubrev.com/ 		21 B
525 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pages.protectsubrev.com/
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW03
Resource Hash
57de05264028a31a958c3315bb559a979fced7919c8920a4c36beaa14c5db5a1

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

expires
Sun, 12 Nov 2023 16:32:51 GMT
date
Fri, 10 Nov 2023 16:32:51 GMT
content-encoding
br
referrer-policy
origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
RCW03
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4iw29Sj26IIG6CYcZnOb%2ByNePRXFPAGOHLRdcCaLcSwtJL7kDIXGglOTxqxcboohcw4YDSdfaYWivYbCZmfYNBFDGwplmUKty8tP2yx9evZIKaK8lSWJZD9cfy5FnPQzcwz7aNP5N90t%2BdxI7zLIBmAG4ViQ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
cf-ray
823fb1a0eca79bdd-FRA
x-served-by
web03
view
securepubads.g.doubleclick.net/pcs/ Frame 34ED 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWw1Px7LFHvI3ae9UvGtdOUGPdpzcbzrornzfF4FFrDTzNoFjLvlKC0zBoj8oWUfCqUu2LiYw81Qsn1Ggt0ke1-GcOc1Q9QC244zDLxMxbEkZvjsD8ceLkpA7NX-xQpv_v9fNvkf8JoPK5BQwKeO3LYPzTwTcsWAQsN1wlAR6N5QP15mU2aBn9cXX2jSa5dVK_9jbGjrwqcw1VMRFrgK13HsYESIFxGovqKpsgU005WZN2h5ccfyuSlojMlTWc0mORdNe-SCKH1bTXHEQQOK5sjhUJ-Rs2i23SBF8aen2kx_-uw5KDVI6CooS3tFpmaap9sSMBQ7Te38ayyReKcFpsTiNdjVqApc8DYXE0YSTlyBKRq7R1hqYpTV4G&sai=AMfl-YTwNl-K9FT6SRfic6cPuyyLssq7rsrpf50QQ8lU5VgXjqkHuJHQcpEWTEWQ9khIGtrn5Vo0Bo4QIMBQC8Jq3ZHUvaCwIVm7-lVIdqnun5e1o99VqvdzQbMu0wFEb3hrS_hG66T-aLEp6dqNm6qQ1AGI&sig=Cg0ArKJSzMJsrsaLkiumEAE&uach_m=[UACH]&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 10 Nov 2023 16:32:51 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ADDC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIyeC85sYTnWIKx1LWG4qKA3UEu126K1QlnBJ8_JpoBZDYXOT0g5_vDNKBO0DV3wVWLoCH_23Q81n_M1YTisWy1HDYcOgDavSLBfyVOYNq0B7s3mdRHGup6aTRJmPcGZjd6Y0cvWNuDfVXZlsZoM9thobe6osbliqoVJ8ZFzPQ-TmbFqp06VLDoSR53VliYj4xm_Wb39xERi8oKODi30jqQ8l14wgAO_WftiuSmL3yB0wd3OToLqiSUdB9hm7xRHv-36U5mTpuSGvUMkQKkL9EoqtiDzbsy44WVjdIqTMrLhqxGsbMudWjT0Kh-FOqVgkJBrv4m4Gz_gyWlQyZmYxk73ceAB1L4WvuXBx1iKUxcCC0bT_wZ9geG_2i&sai=AMfl-YR9_-9imD2BhZI87YF4oGVTTc-EYVwPHnMPx2ORBiJze_KO09kOGbkEAPl0CNbqERWsM4Trj2V-QmZuanq4eYxUW4lfgwoDHUL0prHMMf4jWOvhKOEQaQIIGqYtqaC1zCbU-mLR4Od0VVHWjqZHmAxE&sig=Cg0ArKJSzAVX4wF0NffsEAE&uach_m=[UACH]&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 10 Nov 2023 16:32:51 GMT
css
fonts.googleapis.com/ Frame 595E 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 10 Nov 2023 16:32:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 10 Nov 2023 16:10:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Nov 2023 16:32:51 GMT
select.css
saambaa.com/widget/gpt/728x90/assets/ Frame 595E 		1006 B
806 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/728x90/assets/select.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f9d9c7a87c8d45bf544e7e77ebd3e5ca06c28c690e4c36bf6def49fa95326941

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:46 GMT
content-encoding
gzip
last-modified
Mon, 26 Jun 2017 22:37:38 GMT
server
Microsoft-IIS/8.5
etag
"02525d0cceed21:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
645
smb-dispAd_728x90.css
saambaa.com/widget/gpt/728x90/assets/ Frame 595E 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/728x90/assets/smb-dispAd_728x90.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ba24eda30cf8adc762f0c2027b5e616f52d83f231c5ddd28f7b6f733d1438fc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:46 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 20:03:24 GMT
server
Microsoft-IIS/8.5
etag
"04e99bf32b4d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
2981
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161763/8209/ Frame 595E 		233 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161763/8209/pwt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.9.91 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
00df4c71abce5525e275be8f94ee32a07ffbeea94226e8096bbb432e3928e8b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:51 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 01:09:13 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=73959
accept-ranges
bytes
content-length
78875
expires
Sat, 11 Nov 2023 13:05:30 GMT
0
api.saambaa.com/properties/widgetconfig/728x90/partner/ksl.com/platform/ Frame 595E 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.saambaa.com/properties/widgetconfig/728x90/partner/ksl.com/platform/0?callback=__smbcfgldr922956
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
93d01f0f0e24b7d9e35675205a906e14b6f55fb50af8661694e568430994c6e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:46 GMT
content-encoding
gzip
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
content-length
1625
vary
Accept-Encoding
content-type
application/javascript
ga4mp.umd.min.js
cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ Frame 595E 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ga4mp.umd.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b647edf1597f3427578fc09d41be48660f2388e92022eb0693975efd38acda0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
37152
x-jsd-version
0.0.8
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"231b-bu7prZXfHly9j0HIF61RLekhwNc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XyiYQFrIFnc4Nu1qWSWn1u3MGowXGyVWyDOlXBGA9Mku3FsaPEFluU44CY8agDF77Z912%2BzKZs7GGVK4znug5y2WUDWHI0RqrtXUxojYeFWZOjpgJffH4mXEnPyx5RSK0nTUWHcmvL2n6mh3VtA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
823fb1a1d8149baa-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 595E 		102 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
329728db5eeef0f2ced36fb7116dda5e6ad94735c5dc7dcfd89a4ae5f6eb3540
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31507
x-xss-protection
0
server
cafe
etag
7 / 19671 / m202311020101 / config-hash: 4779486941103162602
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:51 GMT
saambaa_prebid.js
saambaa.com/assets/js/ Frame 595E 		354 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/assets/js/saambaa_prebid.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c46261799db2b9293be2af0302b45e51ab5d1e383d0e7b4994432c8fe0ff3d26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:46 GMT
content-encoding
gzip
last-modified
Mon, 17 Jul 2023 22:48:25 GMT
server
Microsoft-IIS/8.5
etag
"808288cb0b9d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
115053
analytics.js
www.google-analytics.com/ Frame 595E 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 10 Nov 2023 15:51:30 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2481
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 10 Nov 2023 17:51:30 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CD04 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311070102&jk=5271008516000&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame F17A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 15:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
3040
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Nov 2024 15:42:11 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/ Frame 595E 		426 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 01:55:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
52667
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136626
x-xss-protection
0
server
cafe
etag
12374074705736737879
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 09 Nov 2024 01:55:04 GMT
generate_204
tpc.googlesyndication.com/ Frame F17A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?WhsFxw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=4&c=2719&i=7ezkt7&p=ksl-com&s=12795&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjI3MTksInB1Ymxpc2hQYXRoIjoia3NsLWNvbSIsImluc3RhbmNlSWQiOiI3ZXprdDciLCJwYWNrZXQiOjQsIm1vZGUiOiJlbmZvcmNlWgDyKG9va2llcyI6e30sImVudmlyb25tZW50IjoiVVMtRU4iLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS0APBuaHR0cHM6Ly9zZWN1cmVwdWJhZHMuZy5kb3VibGVjbGljay5uZXQvZ2FtcGFkL2Fkcz9wdnNpZD01MjcxMDA4NTE2MDAwJmNvcnJlbGF0b3I9MTgwMjY5Mjk3ODgwODE5MiZlaWQ9MzEwNzk0NDQlMkMzMTA3OTUyMiUyQzMWADU1MzELAPGYMjcmb3V0cHV0PWxkamgmZ2RmcF9yZXE9MSZ2cmc9MjAyMzExMDcwMTAyJnB0dD0xNyZpbXBsPWZpZnMmaXVfcGFydHM9NjY4NiUyQ2RkbS5rc2wlMkNOZXdzJTJDUGFnZVR3byUyQ0hpc3RvcmljJmVuY19wcmV2X2l1cz0lMkYwJTJGMSUyRjIlMkYlMkYzJTJGJTJGNCUyQyUyRjAlMkYxJTJGMiUWAA8dAGkiJnC1APACX3N6cz03Mjh4OTAlN0M5NzAJAJAyQzYyMHgzMDBXAVgwMHgyNQoAeTdDMzAweDYeAAgUAPAKMXgxJmlmaT0xJnNmdj0xLTAtNDAmaXN0cxIAUWM9MSZjbwL4Fl9lbmFibGVkPTEmYWJ4ZT0xJmR0PTE2OTk2MzM5NjkxODImbG0SAJAmYWR4cz0yNTmWACUxNQYAIDk4DAACBgCRMCZhZHlzPTE1KALxADQ2MyUyQzE0NzIlMkM0NA0AETg4ApAwJmJpdz0xNjAJANJoPTEyMDAmc2NyX3g9CACQeT0wJmJ0dmk9FgGAMSU3QzIlN0MMABAzCABkJnVjaXM9FwAAEwDyBjQlN0M1JTdDNiZvaWQ9MiZ1X2hpcwgAAl0AI3VfbwAzdV9hcAA1dV9hFACQY2Q9MjQmdV9zDwH7FnVfdHo9NjAmZG1jPTgmYmM9MzEmbnZ0PTEmdWFjaD1XeUlpTEMEAPEARzUxYkd3c01DeHVkV3hzIAAEFACBRjAuJnVybD2pAzIlM0GbAjB3d3feAvAKLmNvbSUyRmFydGljbGUlMkY1MDc3NTY4NMkCsjFtLXBvdW5kLWhp8ALxBi1zdGVhbS10cmFpbi10by1yZXR1cgoA8Ah1dGFoLWR1cmluZy0yMDI0LXRvdXImdigBwCZwc3o9MTA4MngxMC0BMTYxNFMCIDdDCgAwMzA3FQAAVAIAaAICSgICCgAAoAF0eDQzODkmbUIAAhkAADgADAoAD0EABnAtMSZmd3M9EgINBAAyJm9ohAEAKAIC0wIAdQAPDgACUCZnYV923gGVMzM1ODE2ODcurgIQOBwAANQEBRIAEDkSAMBoaWQ9NDA3NjkzNzcQAKdmYz10cnVlJmRs2ALSNjM5NyZpZHQ9MjM4MJcD8gFzY3A9cG9zJTNEdG9wJTdDDAADowFlYm90dG9tFgDzAGlubGluZSUyNm94YiUzRAYB9Q1fMCUyNTJDaGItYmlkLTViMTY4NDkxOTk1YzI2OwBZcmlnaHQ6ADo2MDA6AOo2OTY5NDVmMTc1YmRhZDoAHzI7AAvlN2JlYTBiNzMyYjk2NWM7APEIcGl4ZWwmY3VzdF9wYXJhbXM9diUzRG5hBWE2Y2MlM0RqAlNlcyUyNvIAZi1pZCUzRJgCdDZwdCUzREGyAlA2c3RjYSwBgXJhbnNwb3J0mQYAPwDxB3V0aG9yJTNEY2FydGVyd2lsbGlhbXMaATFrc2z5ApE2cGFnZXZpZXdkAPAMbGRxOTM4YzFkeGR3JmFka3M9MjQ4Nzg0NDc4QwSQMTc2MDEwMDM5DQCQMzQzOTUxMzY0fQagNDE3MDYzNzI0N2oEBA0AAG8C8AEzMDIyNTQyNzMzJmZybT0y3gf2BXR5cGUiOiJ4aHIiLCJzdGFydCI6OgIwMTk4hgcdZBQAUHNvdXJjOQCyWEhSX01BTkFHRVJBANF0dXMiOiJhbGxvd2Vkrgf0BmFzb25zIjpbXSwiZGF0YVBhdHRlchIAQmxpc3QcABNpZgC_MTAyNjU3MjYwfSzfB__________r8ABtZWRpYS50d2lsaW9jZG4XDLAvc2RrL2pzL2NvbqIQAVcJ8gJzL3JlbGVhc2VzLzIuNC4xLzIAGS0kAKMubWluLmpzIiwi6ghic2NyaXB0rAgJ7QhNODM2N-0IVTMzNCwi7QigYXBwZW5kQ2hpbNoIMnN0Ye0IMGxvYRAAL3Jl6ggcjzU2ODM5NzI06ggIDwsBZS85NQsBDCJtddwKok9ic2VydmVyQ0xTAQ8SATIvNjj8CQgAeAAUYy8O9h4vaW1hZ2VzL3dlYXRoZXIvTmV3MjAxMy9TVkcvbW9zdGx5LWNsb3VkeS5zdmcFAiBpbQ0ADe8KLzA39wAALzUxAgJGrzgwMTkzOTk4NznwAGUeNucBD_AAUB848gIIAFYDH2ngAUYP4gMAD_AAUR8x4AExABEUD9ACHB814AFbnzkxMjkzMjEwMsADMg_wACEP4AFbBfAAD8ADMg_wACAvNzTAA1oE8AAvNDbQAmQfN9ACYx800AJlD5AGXAXgAR834AEH8QJhcHAucHJvdGVjdHN1YnJldp8J9xVhcGkvZ2V0c3R5bGVzZXR0aW5ncz9pZD1yYy1DZlpldWImdj1vElJmZXRjaDEICYQJLzkzsgQCFzaCB19GRVRDSHMSO484ODA5OTc4M9cCCQIpGBItjwoAoxoxcHJv-gBibG9nb3MvtgYSLyYAQHByb18XADAucG5nCAN5Cg90CAQfM2MTADczOTnyAFBIVE1MSecI0l9TRVRBVFRSSUJVVEU-AQJvCQ9uEyePNzcyMjA5ODj7AC_CcG93ZXJlZEJ5X2Nw_gAPcgkRLjQwYRQvNDD-AFWPOTkwODI1OTeACQnxKDAwYmQzM2MyMWZkMjFmMjk5M2E2MGU3ZGQ5ODIzOTkxLnNhZmVmcmFtZS5nb29nbGVzeW5kaWOiDAEhAgUgABIvgBpQL2h0bWzJDHB0YWluZXIuDwAHmgoBSwAC3QEKGwM9MjAw7QU3NDg4KQLCaW5zZXJ0QmVmb3JlQgACHwIPoAwljzg4OTIzOTc27gUIDx4BeB8yHgEMD7IMQwQkAQ8iBggCFQQPOwQND0ADJB43FQI3NTE1FQIP9wBDAjkDLzg02QoID_cAEwImAA8yBRo9NDAx6wEK9AACqA8PAwMwBR8FD-EJCALCAA_fAQ0CJgAP6AAbHjYcBQroAA_cAUID9AAvOTH3AwgAqho_YWQy8gQE8ARnZXRjb25maWcvc29kYXI_c3Y91R7JdGlkPWdwdCZ0dj1t_iBmc3Q9ZW52BAUPjRoELjUy7gooNTLsAg-NGjxwNzAxMTgwM0MbHzURCQcPDAFkDqoQDwwBVQ8YAghAbWVzc5ARYC1taWNybxoSNWljZawRMHVzZWYcAxAJDwQKBi81OOgBAAAUAAWIEw8ECj6_NzAwNjcyNDU2OTmbEAgA_Qmyc2lmdHNjaWVuY2XeBw9dFBMRObkDI2Vu5BwCWCIZNukIArUED10UM783MDA5NzEwODgwNboECT9kbi7QACcOaw8K0AAPnQRABtcAHzZ5BgiCanMuc3RyaXChAfEcdjMvbS1vdXRlci0yN2M2N2MwZDUyNzYxMTA0NDM5YmIwNTFjNzg1NmFiMYsJHyOfImSidGl0bGU9MS4xTegiNCUyMOoiMSUyMOwiMSUyMO4iAAgAQm8lMjDyIgQOAHJVdGFoJTIw-CIwJTIw-iIBHABAdXIlMjAkYCUyMEtTTLYC8AQmcmVmZXJyZXI9Jm11aWQ9TkEmMiIwTkEmXRdRaW9uPTb-IYBpZXc9ZmFsc04KA7YDH2mgCgYuNTGvBi83MT0VRc83MDA4OTQyNzc2NjScBQcPCwL_Zh4yjQsKCwIPHQRDBBICD40LCA-uBwsCHgAAaRpSYWRzYnnRDQniBQ-2BgRbNzAzNjOWCgAUAAg-Gg-2Bj4QNjsYfzgzOTA3MDIEAwfwAmMuYW1hem9uLWFkc3lzdGVtAgTPL2FheDIvYXBzdGFn4AATLDk1agwhNzAUAA-WB0qfNDYyOTcwNzMz4AAHP3RwY4gKBAF-CgKEChky5QAPBBwGLjk3xgE4MTI0xQQPugJAvzY5ODI5MTQ5Mjc5rgcIAJwCH3N7EwAGOAsPnAIFPDEzMzgVVzcxMzM3Jg4PnAJBjzI3NzE5NjgxqwcID7wBE48vMjI1L3J1bi4RF0w3MTIyoAhINzE0NfMAD3AJOb82OTc4NDA1NTY4OB4LCA_uAEgdNJ0DC-4AD7cCQgT1AA-3AgkA3CsDSAX0BWNvbS9yZWNhcHRjaGEvYXBpMi9hTwgPXwgMMDcxMrACCUELSDcxNDaaAw_RATyPNjUwMTE0Njm_AggP3AA2D78BAQncAA-_AUPANjUwMTE0Njk0fV19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:51 GMT
cache-control
no-cache, no-store
server
nginx
expires
Fri, 10 Nov 2023 16:32:50 GMT
quant.js
secure.quantserve.com/ Frame 595E 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:52 GMT
content-encoding
gzip
etag
"0nVqEbFaTM2zzuiWgn9NwQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 17 Nov 2023 16:32:52 GMT
op.js
tagan.adlightning.com/saambaa-deseret/ Frame 595E 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/op.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe3db1ddc535cee795d1065a2d6e8bc1b256e3c2d15577549442545c65f1712c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
YXZNSvX.DyvSzocrMshZd_Di0qU9rkKC
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
date
Fri, 10 Nov 2023 16:31:59 GMT
x-amz-cf-pop
FRA60-P4
age
57
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
7087
x-amz-meta-git_commit
5f40b44
last-modified
Fri, 10 Nov 2023 05:25:10 GMT
server
AmazonS3
etag
"90a4f4064798ebf9cf328737a92182c2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
accept-ranges
bytes
x-amz-cf-id
vCtsbSrFg-fXqyk3PysVf-wyTaTt3bYSeMwAxEDGAyCv67bhZKeYmA==
0
api.saambaa.com/post/storyboard/16868/market/ Frame 595E 		1 KB
804 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.saambaa.com/post/storyboard/16868/market/0
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c2c25bb39f8efa8b490d7c22d2f4ad85f62b78f0fcc7b0aa74c6771f017a55ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:47 GMT
content-encoding
gzip
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.ksl.com
access-control-allow-credentials
true
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 595E 		152 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6200089548495652
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54cddfc45b373881f87b7f0ed6f847514c27b12e7a1692145ddd2a2ebba01efd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Origin
https://www.ksl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52820
x-xss-protection
0
server
cafe
etag
15807407035323437602
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:52 GMT
logo-saambaa.png
saambaa.com/assets/image/ Frame 595E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa.com/assets/image/logo-saambaa.png
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d33f7513fa0e7c91f0612b7ef6e44aadedc1ea2165b737d22c425835ea130b96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:46 GMT
last-modified
Mon, 02 Oct 2017 20:10:35 GMT
server
Microsoft-IIS/8.5
etag
"22c03482ba3bd31:0"
x-powered-by
ASP.NET
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
2412
loader-dots.gif
saambaa.com/widget/gpt/728x90/assets/ Frame 595E 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa.com/widget/gpt/728x90/assets/loader-dots.gif
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
03aad58f643224f6ce0d2172cb2ed55ca8129bdab96873e2d4ed033972f0c800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:46 GMT
last-modified
Mon, 26 Jun 2017 22:37:38 GMT
server
Microsoft-IIS/8.5
etag
"02525d0cceed21:0"
x-powered-by
ASP.NET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
33406
truncated
/ Frame 595E 		690 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/svg+xml
collect
www.google-analytics.com/g/ Frame 595E 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-JCS1L4Y3F2&cid=1488152193.1699633971&_npa=1&_s=1&sid=1699633971&sct=1&dl=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&dr=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&dt=&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=0&uap=&uapv=&uaw=0&seg=1&en=smb_728x90_desktop
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ga4mp.umd.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-TWKb6gH_3MnFX.js
rules.quantcount.com/ Frame 595E 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-TWKb6gH_3MnFX.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ab:7200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6276bdfd4e4844bffab5fc63afcbf296b5ab01ffab5ec61c7c513ba41089d09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 15:52:18 GMT
via
1.1 8be6e843d0ee8ff03a0a07d811ce5bf8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P3
age
2435
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:10:08 GMT
server
AmazonS3
etag
"60b74b47b16486dd7914c1bc3fe2b29f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
FUgYaiOSte8Q78lseUkRkB4R9XfohoZHrhbQ_bArie0OVz1VFYDWUw==
b-5f40b44-9f6c1b2b.js
tagan.adlightning.com/saambaa-deseret/ Frame 595E 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/b-5f40b44-9f6c1b2b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6611a010c1c02623f19baee463ab2bd5d3ca94f8a6cd0219b243212fd1751423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 18:10:55 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
fP8PuZH8BatVq5HXfIsv4.6uZaG8ahhC
x-amz-cf-pop
FRA60-P4
age
3882117
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30497
x-amz-meta-git_commit
5f40b44
last-modified
Tue, 26 Sep 2023 18:10:17 GMT
server
AmazonS3
etag
"ee93a36c1860a5bf0ba3dd2972e0f548"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
uQZylTo_p4czBLS0NPjM5-TzzjYqmj01G_DFUfG4C_jGJA6pmwAagQ==
bl-34df212-55892923.js
tagan.adlightning.com/saambaa-deseret/ Frame 595E 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/bl-34df212-55892923.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe9df01e92d9c0e137f7e221e560e78695bf9232d13aa143e391e2e3c7f09c7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 05:27:01 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
DMkld.kXgFy5aUWIrrKoFpKh4kqORKtG
x-amz-cf-pop
FRA60-P4
age
39952
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33029
x-amz-meta-git_commit
34df212
last-modified
Fri, 10 Nov 2023 05:25:01 GMT
server
AmazonS3
etag
"980667be13325f2e18c61e31bc23552e"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
7mmgV5gjqRHyvfQjLJdDgat-z9dq_IxA8eeTElIrzOS6rcuBVzLBXA==
sync.html
public.servenobid.com/ Frame 3BD8 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46554
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Fri, 10 Nov 2023 03:36:59 GMT
etag
W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified
Mon, 02 Oct 2023 23:54:30 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
x-amz-cf-id
3QVeAfxahJxOIvbhjFEVveWUXnpIGuyn_WiqE22XahJv4cFqyXS1Hg==
x-amz-cf-pop
FRA56-C2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5
d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256
8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
rubicon
ex.ingage.tech/v1/syncPage/ Frame 733D 		951 B
644 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/syncPage/rubicon?userId=29bccf64-7590-4da7-9795-e8390147c0fe&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d048d1ba1fb1f78e38c3e0cc432db86fb8138d98d4b61242b1b7951f62208b1

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
cf-cache-status
DYNAMIC
cf-ray
823fb1a648189b74-FRA
content-encoding
gzip
content-type
text/html
date
Fri, 10 Nov 2023 16:32:52 GMT
server
cloudflare
vary
Origin
pixel
ap.lijit.com/ Frame 6D73 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2F29bccf64-7590-4da7-9795-e8390147c0fe%3Fuid%3D%24UID
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Fri, 10 Nov 2023 16:32:52 GMT
X-Sovrn-Pod
ad_ap6ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6E44 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F29bccf64-7590-4da7-9795-e8390147c0fe%3Fuid%3DPM_UID
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.9.91 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=119376
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 10 Nov 2023 16:32:52 GMT
expires
Sun, 12 Nov 2023 01:42:28 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync.html
ad-cdn.technoratimedia.com/html/ Frame E5B8 		17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.24.0
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:f76:14f7:d635:25c4:c8d7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFA) /
Resource Hash
2bd27fb4cdd30b9b0c730e44a8ec482a49dbf95eaa5c3f399c816dfef9990beb

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age
362
cache-control
max-age=900
content-encoding
gzip
content-length
6048
content-md5
jpm9v92eYnJZrYEV0creyA==
content-type
text/html; charset=utf-8
date
Fri, 10 Nov 2023 16:32:52 GMT
etag
84d4a6e5-3860-4103-9387-92737002d50d
expires
Fri, 10 Nov 2023 16:47:52 GMT
last-modified
Wed, 16 Aug 2023 20:56:04 GMT
opc-request-id
iad-1:dxwXxRAWK5pgI2ubphFffQokzDoxHYr8vdlJ5hwepOwth9O_g8sAClXLlK7UsCFD
server
ECAcc (frc/4CFA)
storage-tier
Standard
vary
Accept-Encoding
version-id
ff6bccb1-2ffd-4aa2-bd14-9776592cc90b
x-api-id
native
x-cache
HIT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 94E1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158976
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.9.91 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=119376
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 10 Nov 2023 16:32:52 GMT
expires
Sun, 12 Nov 2023 01:42:28 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame C8BE
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F29bccf64-7590-4da7-9795-e8390147c0fe%3Fuid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F29bccf64-7590-4da7-9795-e8390147c0fe%3Fuid%3D&s=192379&C=1
2 KB
879 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F29bccf64-7590-4da7-9795-e8390147c0fe%3Fuid%3D&s=192379&C=1
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45a3af26e772e32e1890d13c9c7056099333d8f6e8831100f8fa8fa484b3f321

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
823fb1a6dd5cbb71-FRA
content-encoding
br
content-type
text/html
date
Fri, 10 Nov 2023 16:32:52 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJhLfgdohxJJZu4P3PCZ7hHedsN9nIjBvvtU1Pkv4PKifoj%2BjBFn1U%2FgEWZpvT9wA2lP7aXHWwKHulTe8whRMIYbYuhCn8Uefmgaq1TzZ4vcLlzsbhmmdsyxr9d4gSFpLVvRzorqyVoG0g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
823fb1a69ce0bb71-FRA
content-length
0
date
Fri, 10 Nov 2023 16:32:52 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F29bccf64-7590-4da7-9795-e8390147c0fe%3Fuid%3D&s=192379&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FcsGLVuD%2BzJxKw%2FJZfj0LOWyS7LWqCdbJjIWs%2BY5PTqdlHIPc8om%2BnggIDTKvjRynzZ8UoFm4frVUy0LGIXzSGORt5%2FjjzOaJ5yjXOzFG39DvPCKV6fIIwzrjqYLUUFxEbs%2B6QQOB7Fng%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ Frame 595E 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6200089548495652&plah=www.ksl.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb7f6e8e30df0bc5493e7d9020456934ba841d7451270e7c104b8f96a41be493
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138484
x-xss-protection
0
server
cafe
etag
14528941996437926737
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:52 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/ Frame F13E 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8686
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 14:08:06 GMT
etag
16674218716276178799
expires
Fri, 24 Nov 2023 14:08:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 6E44 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=29668594&p=95054&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F29bccf64-7590-4da7-9795-e8390147c0fe%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:52 GMT
content-length
0
dcm
s.amazon-adsystem.com/ Frame C8BE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZU5bNKWNMtQWX-mrcXnT-AAABHYAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZU5bNKWNMtQWX-mrcXnT-AAABHYAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZU5bNKWNMtQWX-mrcXnT-AAABHYAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F29bccf64-7590-4da7-9795-e8390147c0fe%3Fuid%3D&s=192379&C=1
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Nov 2023 16:32:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
B2FYGH61S468A95NEWSC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 10 Nov 2023 16:32:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RJ6W1BQ1Z14DK1HADVVE
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZU5bNKWNMtQWX-mrcXnT-AAABHYAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame C8BE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZU5bNKWNMtQWX-mrcXnT-AAABHYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJ9ReLaudqx3vopoe42tqoU&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJ9ReLaudqx3vopoe42tqoU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F29bccf64-7590-4da7-9795-e8390147c0fe%3Fuid%3D&s=192379&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=woMIHbhDoZhQULNQt7GJWAYgJh0qpwB6QgEF1Gjyf3N%2FDoxuvAa2mCBeYOXUOZMouGcF13%2FFMVAWTo0bL7zxEPBHI9Vzu69hSuXHrRJ29UP046N1KSmbnfA75VxLqzsJrW2wQckfGA8nOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
823fb1a8ebae367b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJ9ReLaudqx3vopoe42tqoU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame C8BE 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F29bccf64-7590-4da7-9795-e8390147c0fe%3Fuid%3D&s=192379&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:52 GMT
server
Kestrel
content-length
70
content-type
image/gif
28292
i6.liadm.com/s/ Frame C8BE
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZU5bNKWNMtQWX.mrcXnT.AAA%261142&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZU5bNKWNMtQWX.mrcXnT.AAA%261142&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=b41fc7c6d2724d1696f74dc59f9d816c
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-Gx6usKoqZNc3l_Pi9JCYfWzgzaFo3V6XJygOdQ
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-Gx6usKoqZNc3l_Pi9JCYfWzgzaFo3V6XJygOdQ
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-Gx6usKoqZNc3l_Pi9JCYfWzgzaFo3V6XJygOdQ
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F29bccf64-7590-4da7-9795-e8390147c0fe%3Fuid%3D&s=192379&C=1
Protocol
HTTP/1.1
Server
2600:1f18:ed:550f:9c1b:36c6:f801:176e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Fri, 10 Nov 2023 16:32:53 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-Gx6usKoqZNc3l_Pi9JCYfWzgzaFo3V6XJygOdQ
Date
Fri, 10 Nov 2023 16:32:53 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
crum
dsum-sec.casalemedia.com/ Frame C8BE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZU5bNKWNMtQWX.mrcXnT.AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJc5RUAXI-FJYCXFgIzU1vE&google_cver=1&google_hm=2
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJc5RUAXI-FJYCXFgIzU1vE&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F29bccf64-7590-4da7-9795-e8390147c0fe%3Fuid%3D&s=192379&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qsm2S4VtKH2gmz%2FKUl3ZAOhmDv8LYmU1AEIknecE%2BWXegiLnZDCHEMSxRc%2BIzggZ0iA6a46oX816bfu7fEk2n9XvgpsGlVFEAT83UioDIyANHrQjcPB5%2B1af89zoEeLZyMSpMuKAOLjyjg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
823fb1a8ebab367b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJc5RUAXI-FJYCXFgIzU1vE&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C8BE
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=4df39c4938dcbb3027p2i400losu6mnf
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=4df39c4938dcbb3027p2i400losu6mnf
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F29bccf64-7590-4da7-9795-e8390147c0fe%3Fuid%3D&s=192379&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgyaqvTW6O9VgtTswA45MuElQ0KVrxV73OMO%2FEnAXro5r3J09zqcmnglfCxU2cCuJdFQvI8r9X6ffuRMpAGrotgUpAfBDdiGjehwPK6tVWdxP9ZttFCY8Ke8KmqVI%2BC0XRYHdeHwy9St3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
823fb1aa4dce367b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 10 Nov 2023 16:32:52 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=4df39c4938dcbb3027p2i400losu6mnf
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ZU5bNKWNMtQWX-mrcXnT-AAABHYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame C8BE 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZU5bNKWNMtQWX-mrcXnT-AAABHYAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F29bccf64-7590-4da7-9795-e8390147c0fe%3Fuid%3D&s=192379&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:b2f6:43fb:c655:2341 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ssbsync.smartadserver.com/api/ Frame C8BE 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F29bccf64-7590-4da7-9795-e8390147c0fe%3Fuid%3D&s=192379&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:52 GMT
content-length
0
29bccf64-7590-4da7-9795-e8390147c0fe
ex.ingage.tech/v1/sync/ix/ Frame C8BE 		0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/ix/29bccf64-7590-4da7-9795-e8390147c0fe?uid=ZU5bNKWNMtQWX-mrcXnT-AAABHYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F29bccf64-7590-4da7-9795-e8390147c0fe%3Fuid%3D&s=192379&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:52 GMT
cache-control
private, max-age=604800
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
823fb1a80a739b74-FRA
vary
Origin
13926
g2.gumgum.com/usync/ Frame 78A6 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.27.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-27-93.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9dbf76fe871648e04d8a66b1f1a28df4a278b7a619ccd1a8ce2ef6f18aacb631

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 10 Nov 2023 16:32:52 GMT
etag
W/"0acdb930cd83a35cf90745452fefe0865"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 4AEA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 2A07 		877 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
2b38f2cb553562feaa1db64a4026fbbd8833e0459410392cae926399a75c4d2a

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
877
content-type
text/html
date
Fri, 10 Nov 2023 16:32:51 GMT
usermatch
ssum-sec.casalemedia.com/ Frame DDB7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0425747a339ebb3b79254d022dcc745aacf1b1fdafdceb51758f156e34a5e8

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
823fb1a7da11367b-FRA
content-encoding
br
content-type
text/html
date
Fri, 10 Nov 2023 16:32:52 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GM7dkv5VFDT6tPTX6dfLQesO6T932Fc91%2BZ3kt29QE1vEduIm75z7nzCJcoUwsbIi5Pt5gPm3Rv2eM9A4VWeQfMtoU1qkQRyJcWAJDo%2BYehjc3t5gcAaUUVfEOy3a4hFgYcE9qv371PZew%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 930E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 10 Nov 2023 16:32:52 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 10 Nov 2023 16:32:52 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FA8C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.9.91 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=119376
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 10 Nov 2023 16:32:52 GMT
expires
Sun, 12 Nov 2023 01:42:28 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 06AB 		0
526 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:6000:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Fri, 10 Nov 2023 16:32:52 GMT
server
istio-envoy
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-id
9GB9Y2MjKHjZf-OLx7-iLJncPoCx5Fbta2UyNLk5hKJfmDKxTvaZAA==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
user-sync
sync.adkernel.com/ Frame 82E2 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Fri, 10 Nov 2023 16:32:52 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 442A 		0
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.205.170.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-170-196.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Fri, 10 Nov 2023 16:32:52 GMT
server
istio-envoy
x-envoy-upstream-service-time
0
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
sync
ads.servenobid.com/ Frame 3BD8
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID
  • https://ads.servenobid.com/sync?pid=312&uid=7265742245611248552
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=7265742245611248552
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:52 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:52 GMT
an-x-request-uuid
bfbe107e-ccad-4cc7-a5cc-c221c035ee95
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=7265742245611248552
x-proxy-origin
185.213.155.177; 185.213.155.177; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 3BD8
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=HokAsRZHabiHgYW-QmeohwKU
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HokAsRZHabiHgYW-QmeohwKU
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:52 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 10 Nov 2023 16:32:52 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HokAsRZHabiHgYW-QmeohwKU
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 3BD8 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 10 Nov 2023 16:32:52 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame 3BD8
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1699633972504
  • https://ad.turn.com/r/cs?pid=45&rndcb=192310429
  • https://sync.1rx.io/usersync/turn/3817330636728049063?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-7b545757-4080-48e8-b12d-ce9ee5f1f051-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-7b545757-4080-48e8-b12d-ce9ee5f1f051-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-7b545757-4080-48e8-b12d-ce9ee5f1f051-003
0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-7b545757-4080-48e8-b12d-ce9ee5f1f051-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:52 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-7b545757-4080-48e8-b12d-ce9ee5f1f051-003
date
Fri, 10 Nov 2023 16:32:52 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX7b545757408048e8b12dce9ee5f1f051003
content-type
text/html
sync
ads.servenobid.com/ Frame 3BD8
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5144588527380379815
0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5144588527380379815
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:52 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5144588527380379815
Date
Fri, 10 Nov 2023 16:32:52 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 3BD8 		0
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:52 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-198
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 3BD8
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:52 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Fri, 10 Nov 2023 16:32:51 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
occ
ups.analytics.yahoo.com/ups/58559/ Frame 3BD8 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58559/occ
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 3BD8
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=ua-22c03961-f514-3628-ae79-e36580725b6b
0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-22c03961-f514-3628-ae79-e36580725b6b
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:52 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-22c03961-f514-3628-ae79-e36580725b6b
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:52 GMT
cache-control
no-store
content-length
0
expires
0
occ
ups.analytics.yahoo.com/ups/58632/ Frame 3BD8 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58632/occ
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 3BD8 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.200.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-200-246.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:52 GMT
sync
ads.servenobid.com/ Frame 3BD8
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:52 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Fri, 10 Nov 2023 16:32:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Fri, 10 Nov 2023 16:32:52 GMT
usync.html
eus.rubiconproject.com/ Frame 733D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Requested by
Host: ex.ingage.tech
URL: https://ex.ingage.tech/v1/syncPage/rubicon?userId=29bccf64-7590-4da7-9795-e8390147c0fe&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ex.ingage.tech/v1/syncPage/rubicon?userId=29bccf64-7590-4da7-9795-e8390147c0fe&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 10 Nov 2023 16:32:52 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 10 Nov 2023 16:32:52 GMT
location
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
server
AkamaiGHost
activeview
pagead2.googlesyndication.com/pcs/ Frame ADDC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstm-861c213ZpNn_NkaRw301cYSsfEBMBlM1XRPNndaUBDIf7TirjLPrNRNwdjV4PviKuNqvPHJI-qorXLN9bMtiGyXSn_rYV1fIowEP9m1-b7ARBSZhl2dNQoxTL4QByUCiTgNg9Jeuw&sig=Cg0ArKJSzH8jDYjI-RMqEAE&id=lidar2&mcvt=1048&p=443,985,1043,1285&mtos=1048,1048,1048,1048,1048&tos=1048,0,0,0,0&v=20231106&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4170637247&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699633970062&rpt=1335&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pages.protectsubrev.com/ 		21 B
362 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pages.protectsubrev.com/
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RCW03
Resource Hash
57de05264028a31a958c3315bb559a979fced7919c8920a4c36beaa14c5db5a1

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

expires
Sun, 12 Nov 2023 16:32:52 GMT
date
Fri, 10 Nov 2023 16:32:52 GMT
content-encoding
br
referrer-policy
origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
RCW03
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnhBHc7DqHrz4A6EoKvgAf%2BDy%2F0Wm06hGkF%2FslIihClTCBqdWb3Mt5FchfxIjhVCuXTU6MF%2BmU%2FTJW6VlvS3VswMWbtJOhCbk7zGh3aKmft6W3FY5NHtoAxBBTySK5POIAr2K91W1AYp8CTOkI6lBBFOeZ9n"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
cf-ray
823fb1a80fa49bdd-FRA
x-served-by
web03
pixel;r=1549586489;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour;ref=https%3A%2F%2Fwww.ksl.com%2Farti...
pixel.quantserve.com/ Frame 595E 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1549586489;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour;ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour;uht=2;fpan=1;fpa=P0-2004685864-1699633972045;pbc=50014a52-757c-4aa4-98b0-d55502c47caa;ns=1;ce=1;qjs=1;qv=d48babbb-20231018122215;cm=;gdpr=0;d=ksl.com;dst=1;et=1699633972476;tzo=-60;ogl=;ses=b775b4c2-6312-4e1d-8ad8-610c3d53c084;mdl=
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:52 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
services
sync.technoratimedia.com/ Frame E5B8 		0
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?src=prebid_prebid_7.24.0&srv=cs&att=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:7130:bb0b:d7e:bee2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
696245780
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311070102&jk=5271008516000&bg=!S0ilSAfNAAZxrfrxUa07ADQBe5WfOHaT0Z_55PewK1kCzTCdN1xeHHskg4_wqaDYvdZgqvrW59n2J0g0IKt4ZnL-pgMoAgAAAE1SAAAACGgBBwoAle5DrDraxU1GNsvM-XWP9qFpq_O1GvMlpiB7Q4CHB9Oq8YDwRuGQCOu9Hfc2m0ZPDkRUM7w4bVWs6NVnaW2xCHJafY0zK8-heww5uttk0thaS6LtBgbYu-8nJcAMuute48KpjhDsmkAO_iWVCmKyHpjEoIfjOWCPeGsHfCyW3mjz1wR2v5_Mo4GSLLqxN3Jt5_zYauJEmQKsZRpBFijFE2JFYh_nQimp3n2a1nUktiPfBdiWHS3zuT3JlRoUaKNEVgxZb6H1umRlmuDbgX5rkIFEXruvQeNSFr_BOpdPjWKarERjuQV53qwSxsk6gVk8ehZMSgRZ2nKaIh-I8y6eDvzPHKzdU6GeB0uKgodxen_ZLRKKJUMHundaTJ4578InGw1hyMsN1Xr7jIblXMemAXzFXZxk47LZGUCwqYYAZbuO6KU9FIzYZQOC8wFUGXgVfa45sT5o5SdCr7DKnPZefJeWzztseIx9XqYwVM8zQxdn-jO3YFi0BrJvghZKzqsGTagp4Xp9LTrnW1yGhbvMD2WOJ3LnPR_5A4lPfBNSwyJXGmOhl4026MVWtwNuLBe1sZ-s0Yw60BJG3VTMN67lgQhMAE0P-QOgfpTaMzsNWD1xoUhoTn20cRPl9Z-IQWA9A566jhfLuhGo94sj-gLLBgt-twpfqTx16C0OU_T9Cd3cFXX6Ap0QRdTC4l_fCyLbngV9S92r3iWGuYvwvXUfQIqoHpT3mf35ma8-BlQDxLBcwTW8j8xgty4uXx5AH0TC2j12AWcbtnmoDxvCFHqn7t2sPZH9V2WA_Jm-tRlhfnXILrf0MXk_SvyLIKpdC9A0zjPd2AEWLCwnWOqBDG48qBd7ji1ZGXMsjkg0cRpTDtoaWm_YRBQ_8qWKOspjDbqu_e4usjva9VtIPP7h9ilUVRjQ0MAXVwsVTPm7QsUNlMLw2Q8jVOu-DAZMkYiUwpXd7UVVS110k77xPcVsdKtislh7evxFngSBSZHrEpCu13kakNu18TobaLaymPE4nmjmlu-56FvScnAYopKLZoPmUHFP_8TdMKl6brck7CWztIiHUxhRvowfxuiUCKGaSzbj9pkD1mo9_jBEN98H4lXo1uJqh0Ez
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
blank.png
saambaa.com/assets/image/ Frame 595E 		68 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa.com/assets/image/blank.png
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:47 GMT
last-modified
Wed, 14 Feb 2018 23:02:54 GMT
server
Microsoft-IIS/8.5
etag
"cebd78f2e7a5d31:0"
x-powered-by
ASP.NET
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
68
728x90_oahu_v3.png
saambaa-static.azureedge.net/sidestage/ Frame 595E 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa-static.azureedge.net/sidestage/728x90_oahu_v3.png
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD3) /
Resource Hash
446b97e70c328363f2cd5fbc1eee6d8307ee92ef0a8e894bbca5409e110095e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 10 Nov 2023 16:32:52 GMT
last-modified
Thu, 27 Jan 2022 00:46:57 GMT
server
ECAcc (frc/4CD3)
content-md5
5VOrxFk1xKRvkGqad3v+sA==
age
488492
etag
0x8D9E12E85B2CCAC
x-cache
HIT
content-type
image/png
x-ms-request-id
96fe6e44-d01e-006c-4782-0f46d1000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
17345
28292
i6.liadm.com/s/ Frame DDB7
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZU5bNKWNMtQWX.mrcXnT.AAA%261142&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZU5bNKWNMtQWX.mrcXnT.AAA%261142&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=ae222ae96e014618b11a8c15aa86f175
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-Gx6usKoqZNc3l_Pi9JCYfWzgzaFo3V6XJygOdQ
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-Gx6usKoqZNc3l_Pi9JCYfWzgzaFo3V6XJygOdQ
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-Gx6usKoqZNc3l_Pi9JCYfWzgzaFo3V6XJygOdQ
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
2600:1f18:ed:550f:9c1b:36c6:f801:176e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Fri, 10 Nov 2023 16:32:53 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-Gx6usKoqZNc3l_Pi9JCYfWzgzaFo3V6XJygOdQ
Date
Fri, 10 Nov 2023 16:32:53 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
crum
dsum-sec.casalemedia.com/ Frame DDB7
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7265742245611248552
43 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7265742245611248552
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FRQYAv%2FMVyjkHB0y37HbgXjqTOeS%2Bi%2FhMkHlTUOY1dglXxqXdzj5bPMunuiRcmKG6Ty6HHBwe%2FBK477XFVe6%2BKQeUrAKe4wSIQF3VIGCoEXxk%2B5O93zMmfO6XXtC9BCr5kEnyIf8X%2F6Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
823fb1a8eb9a367b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:52 GMT
an-x-request-uuid
bc19c8c9-e426-4871-87fc-b25d9161cb77
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7265742245611248552
x-proxy-origin
185.213.155.177; 185.213.155.177; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame DDB7 		43 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZU5bNKWNMtQWX-mrcXnT-AAABHYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:4::26 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Nov 2023 16:32:52 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1699633972519078-554
rum
dsum-sec.casalemedia.com/ Frame DDB7
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=y9qIfMiNjy3Q2N16nouRf8XYiynQ1oogm9mGZyrR
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=y9qIfMiNjy3Q2N16nouRf8XYiynQ1oogm9mGZyrR
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2FoO0Gej%2BUJP9IthnsGxUDay0OrcK%2FfM%2FvgDWKHmihcKCUEocXyaM29gV0WISWKhIyVMaynWyLUugT6h4aZybI2OyUSTOCj%2FOHMwggLAx9sPCe5flkAPicMFDiaHu5STHro47DCanx9yLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
823fb1a8eba2367b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:52 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=y9qIfMiNjy3Q2N16nouRf8XYiynQ1oogm9mGZyrR
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame DDB7
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=4df39c498269a9482f5cvc00losu6mng
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=4df39c498269a9482f5cvc00losu6mng
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMnjQEdO%2FkspAuYteGTKzBQqMKZwxbsguSR1GtfAh5nnlSJh2QbG7inNe8xVvAV7EtDVIX5bkLPIXVG2mMJz%2FypKEil7jWe%2BKU5y3qzcpDpdCD1ksV11zvx86vmHVU5X%2F52tITfusg6cGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
823fb1aa4dd5367b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 10 Nov 2023 16:32:52 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=4df39c498269a9482f5cvc00losu6mng
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync
ups.analytics.yahoo.com/ups/55940/ Frame DDB7 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZU5bNKWNMtQWX-mrcXnT-AAABHYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dcm
s.amazon-adsystem.com/ Frame DDB7
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZU5bNKWNMtQWX-mrcXnT-AAABHYAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZU5bNKWNMtQWX-mrcXnT-AAABHYAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZU5bNKWNMtQWX-mrcXnT-AAABHYAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Nov 2023 16:32:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CX1E58CDYA5MJY1EW6CK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 10 Nov 2023 16:32:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KKX0G02BWWKB77R1XZ5S
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZU5bNKWNMtQWX-mrcXnT-AAABHYAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame DDB7 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:52 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
ads.servenobid.com/ Frame DDB7 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZU5bNKWNMtQWX-mrcXnT-AAABHYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:52 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
ads
googleads.g.doubleclick.net/pagead/ Frame 49AE 		15 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6200089548495652&output=html&adk=1812271804&adf=3279755400&lmt=1699633972&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x810_r&format=0x0&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699633972251&bpp=13&bdt=2370&idt=283&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&cookie=ID%3D844df475bb5eeae6%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_MYcLTca-AldOlRnbxNPEw1wJlqeQQ&gpic=UID%3D00000cbf89a7250f%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_Mbx_oj8txuoS4whmloLukh8SlDFiw&nras=1&correlator=1920673714118&frm=23&ife=4&pv=2&ga_vid=233581687.1699633968&ga_sid=1699633973&ga_hid=1249276230&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=90&ifk=3119622773&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079404%2C44795922%2C44801485%2C44807460%2C31078301%2C44807754%2C44806141%2C44807763%2C44808149%2C44808285&oid=2&pvsid=917218608026602&tmod=1047880390&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hqpvaisid5oe&fsb=1&dtd=352
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a91798d2ac49e912aa7c9e7646a165a77b368f7a4d50d81bcc4aa7b0cce8dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
1150
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 16:32:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 595E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=onetrust-banner-sdk&cls=otFlat%20bottom%20vertical-align-content&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 595E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=ksl-header__outer&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 733D 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9508013aa8cb5143b32e62558f116c06a909d285eace78f4fe2b0a1f3e84fb83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Fri, 10 Nov 2023 16:32:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Nov 2023 04:29:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42878
Connection
keep-alive
Content-Length
13280
Expires
Sat, 11 Nov 2023 04:27:30 GMT
usync.js
eus.rubiconproject.com/ Frame 930E 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9508013aa8cb5143b32e62558f116c06a909d285eace78f4fe2b0a1f3e84fb83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Fri, 10 Nov 2023 16:32:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Nov 2023 04:29:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42878
Connection
keep-alive
Content-Length
13280
Expires
Sat, 11 Nov 2023 04:27:30 GMT
usersync
usersync.gumgum.com/ Frame 78A6
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7265742245611248552
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7265742245611248552
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 10 Nov 2023 16:32:52 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:52 GMT
an-x-request-uuid
a9da2809-ed1e-45b0-9dc7-65911e45cd1c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=7265742245611248552
x-proxy-origin
185.213.155.177; 185.213.155.177; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 78A6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_492a0dd3-61ca-4d1c-a3a8-897bf14fcabb&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_492a0dd3-61ca-4d1c-a3a8-897bf14fcabb&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=d895ada4-f3f6-42f9-a3c9-0e0155e2744b&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=d895ada4-f3f6-42f9-a3c9-0e0155e2744b
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=d895ada4-f3f6-42f9-a3c9-0e0155e2744b
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
18.184.214.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-214-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=d895ada4-f3f6-42f9-a3c9-0e0155e2744b
date
Fri, 10 Nov 2023 16:32:52 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 78A6
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=2532ac02-8fe3-4cfe-b2d1-a5408e63aa01
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=2532ac02-8fe3-4cfe-b2d1-a5408e63aa01
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 10 Nov 2023 16:32:52 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 10 Nov 2023 16:32:52 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=2532ac02-8fe3-4cfe-b2d1-a5408e63aa01
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 78A6
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-9c32c789-6543-54f2-65be-a04596db0b1b$ip$185.213.155.177
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-9c32c789-6543-54f2-65be-a04596db0b1b$ip$185.213.155.177
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 10 Nov 2023 16:32:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-9c32c789-6543-54f2-65be-a04596db0b1b$ip$185.213.155.177
Date
Fri, 10 Nov 2023 16:32:53 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 78A6
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-mu_DmDZE2pcVha0uCGl50tLZyS6dwl_PmIqN~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-mu_DmDZE2pcVha0uCGl50tLZyS6dwl_PmIqN~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 10 Nov 2023 16:32:52 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 10 Nov 2023 16:32:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-mu_DmDZE2pcVha0uCGl50tLZyS6dwl_PmIqN~A
content-length
0
usersync
usersync.gumgum.com/ Frame 78A6
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=e4a0583d-fb42-4352-b9f6-68e136968548
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=e4a0583d-fb42-4352-b9f6-68e136968548
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 10 Nov 2023 16:32:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=e4a0583d-fb42-4352-b9f6-68e136968548
Date
Fri, 10 Nov 2023 16:32:53 GMT
Connection
keep-alive
X-CI-RTID
a270afa2-e918-49b5-be45-3643c7221c69
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 78A6 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:52 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame 78A6
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_492a0dd3-61ca-4d1c-a3a8-897bf14fcabb&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_492a0dd3-61ca-4d1c-a3a8-897bf14fcabb&s=2&us_privacy=...
  • https://usersync.gumgum.com/usersync?b=zem&i=dBv8kTB4gYsc-6473UTy&gdpr=0&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=dBv8kTB4gYsc-6473UTy&gdpr=0&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 10 Nov 2023 16:32:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 10 Nov 2023 16:32:53 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=dBv8kTB4gYsc-6473UTy&gdpr=0&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 78A6
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=jWF5jxgEwbNT&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=jWF5jxgEwbNT&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 10 Nov 2023 16:32:52 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=jWF5jxgEwbNT&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-7gjgb
expires
-1
usersync
usersync.gumgum.com/ Frame 78A6
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=3176850909799481346
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=3176850909799481346
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 10 Nov 2023 16:32:52 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=3176850909799481346
date
Fri, 10 Nov 2023 16:32:52 GMT
content-length
0
sync
ads.servenobid.com/ Frame 78A6 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_492a0dd3-61ca-4d1c-a3a8-897bf14fcabb
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:52 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync
ads.servenobid.com/ Frame 2A07 		0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=3176850909799481346&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:52 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
b1sync.zemanta.com/usersync/smart/ Frame 2A07 		0
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Fri, 10 Nov 2023 16:32:52 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 2A07
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=1760102417468539209&gdpr=0&gdpr_consent=
43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=1760102417468539209&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:51 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=1760102417468539209&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 2A07
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CO...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=smartadserver
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=d895ada4-f3f6-42f9-a3c9-0e0155e2744b&gdpr=0&gdpr_consent=
43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=d895ada4-f3f6-42f9-a3c9-0e0155e2744b&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:52 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=d895ada4-f3f6-42f9-a3c9-0e0155e2744b&gdpr=0&gdpr_consent=
date
Fri, 10 Nov 2023 16:32:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
wt.rqtrk.eu/ Frame 2A07
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26...
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=3176850909799481346&gdpr_pd=0&gdpr=0&gdpr_consent=
43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=3176850909799481346&gdpr_pd=0&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
141.95.32.72 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
haproxy-eu-005.roqad.pl
Software
istio-envoy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:52 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type
image/gif
cache-control
no-cache,private
x-envoy-upstream-service-time
1
content-length
43
expires
Fri, 10 Nov 2023 16:32:51 GMT

Redirect headers

location
https://wt.rqtrk.eu?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=3176850909799481346&gdpr_pd=0&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:52 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
usersync
rtb.gumgum.com/ Frame 7397
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=5851998803673849921&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=5851998803673849921&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.27.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-27-93.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Fri, 10 Nov 2023 16:32:52 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 10 Nov 2023 16:32:52 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=5851998803673849921&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 5269 		170 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80OTJhMGRkMy02MWNhLTRkMWMtYTNhOC04OTdiZjE0ZmNhYmI=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 16:32:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A1BC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.9.91 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=119376
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 10 Nov 2023 16:32:52 GMT
expires
Sun, 12 Nov 2023 01:42:28 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 47CE 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Fri, 10 Nov 2023 16:32:52 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame D0F4
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZU5bNcCo5s4AACRPt9cAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZU5bNcCo5s4AACRPt9cAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 10 Nov 2023 16:32:53 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Fri, 10 Nov 2023 16:32:53 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZU5bNcCo5s4AACRPt9cAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad282.dc4p.scaleout.jp
X-SO-IP
185.213.155.177
X-SO-Key
ZU5bNcCo5s4AACRPt9cAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZU5bNcCo5s4AACRPt9cAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad282"}
X-SO-LB-Hostname
a-tgng40010.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad282
usersync
usersync.gumgum.com/ Frame 9B77
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=gVTAiOMn0WWeadP1g58M&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=gVTAiOMn0WWeadP1g58M&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 10 Nov 2023 16:32:52 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 10 Nov 2023 16:32:52 GMT Fri, 10 Nov 2023 16:32:52 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=gVTAiOMn0WWeadP1g58M&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 90F9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 10 Nov 2023 16:32:52 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 10 Nov 2023 16:32:52 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
khaos.json
token.rubiconproject.com/ Frame 930E 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
khaos.json
token.rubiconproject.com/ Frame 733D 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
usync.js
eus.rubiconproject.com/ Frame 90F9 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9508013aa8cb5143b32e62558f116c06a909d285eace78f4fe2b0a1f3e84fb83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Fri, 10 Nov 2023 16:32:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Nov 2023 04:29:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42878
Connection
keep-alive
Content-Length
13280
Expires
Sat, 11 Nov 2023 04:27:30 GMT
khaos.json
token.rubiconproject.com/ Frame 90F9 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 595E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJKVafE1TpiUBomAVR8a4U592QPsXteRtEnAAD2RN25yu9qn7zc1rB-mRjSVhFSVCuVLblVn9LuovzCzlznYe2taFl-LA43F8bel37Q36jXyQGKHwYDnIYrY_g5zeG5Zup4_fJ-o0dsop192SpQ4Z67s3NME-Wuyn-qhIZqSdCq_cvwB3Y3Jdjrgxt4dGMIivEjluCe5Ws32mwk2V8BxiUGKZBrukR6Y_GckFOOEgrfg2ZBVOicK3_Cddeb7gAMFKXoW8sLFwkAw1lYqFYesCRct4IU8YINBwPcJqJQgfAgfFFId0O-xR4zfA0umHszFscyIRKeig8ObKJPYQUm5j1z4LueXtJPcxh7NXi9D1_GYRAhXdvvBz8_c9z&sai=AMfl-YRKpFm0qMw7zp8-2NMeSEQyVeBaIQ4WGbEc_AUrLYZbxOEGakcCMY0fEw2uymn1mDWQ42lmfapVQtJAbQgYqmpmHBAiwDXv6Ty7Xp5sqHDSeEkCa7A__9RGO1ovw_3g5xl21fjMvSPXdHAGWP8WcrON&sig=Cg0ArKJSzBdcIMoQCYG_EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 10 Nov 2023 16:32:53 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 595E 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231108&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6200089548495652&plah=www.ksl.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4963bf873ffec4c0e6262930932055990a587250d00c309e57ef604251fff067
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12447
x-xss-protection
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.ksl.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 10 Nov 2023 16:32:53 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.ksl.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 10 Nov 2023 16:32:53 GMT
prebid
ads.yieldmo.com/exchange/ Frame 595E 		0
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-0%22%2C%22callback_id%22%3A%222d419cf3b36993%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&bust=1699633973041&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=1.1M-pound%20historic%20steam%20train%20to%20return%20to%20Utah%20during%202024%20tour%20%7C%20KSL.com&w=1600&h=1200&pubcid=50014a52-757c-4aa4-98b0-d55502c47caa&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2250014a52-757c-4aa4-98b0-d55502c47caa%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.169.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-169-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 595E 		423 B
762 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=50014a52-757c-4aa4-98b0-d55502c47caa%5E1&rf=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&tg_i.domain=ksl.com&tg_i.page=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&tg_i.pbadslot=%2F65889844%2Fron01_728x90_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=45efb12894c899&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90_desktop&slots=1&rand=0.24222725188181515
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
566afd5a046a14f791403704e37a87203f6e047e7c501088f3883834eccceb27

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
423
expires
Wed, 17 Sep 1975 21:32:10 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame 595E 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 595E 		144 B
961 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
7620097e1d921baa8759da601212b8082289e650eabe1535db783c895835cc49
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
an-x-request-uuid
208af893-3a3c-4ab1-a2b5-09befeaa6f98
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.177; 185.213.155.177; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
144
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 595E 		94 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
5e3f8af360a280016951b4c61df6f4e4d947844e2b8047b6dbe3a03e60f95ab5

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 10 Nov 2023 16:32:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
unruly_prebid
targeting.unrulymedia.com/ Frame 595E 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.ksl.com
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame 595E 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22141ca3e2393d80b%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&s=1bbe0627-1425-4c23-a801-4dd35676494e&pv=42dcf765-bc4a-4ace-93fe-59fc7399b76a&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22ksl.com%22%2C%22keywords%22%3A%22news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ksl.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2250014a52-757c-4aa4-98b0-d55502c47caa%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
18bef476ae9d24a4ce040b083f9fedf3b80fba192b5ccb9e61443e443c1d5133
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-198
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
435
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ Frame 595E 		0
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Fri, 10 Nov 2023 16:32:52 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
31
server
envoy
vary
origin, Accept-Encoding
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 595E 		423 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=476778&zone_id=2832542&size_id=2&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=50014a52-757c-4aa4-98b0-d55502c47caa%5E1&rf=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&tg_i.domain=ksl.com&tg_i.page=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&tg_i.pbadslot=%2F65889844%2Fron01_728x90_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=18c63f77da253be&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90_desktop&slots=1&rand=0.9768593986312355
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d3c4619d1862647fb8da1a6e28b3e3cefda11dd37f39ee69d059b9b398538307

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
423
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 595E 		37 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8d40b55ee735d25fbdef70d7a3dbaaf1608c27b5a2410697ef01d5122b259eb

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHUZikIBCBCZ%2FrofiuI%2FR4lWUTprWVyXugFKICcdNNVJqKaVe5ibmp3KcrF8%2Fgw8sIC8CJw2DBm663HTddDnPYiOXIt7P%2FuctRHDN9isKNkVgatTgYgGH6zFC6bpB8Y10u%2BsspwC"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
823fb1abdd10bb71-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ Frame 595E 		0
55 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Fri, 10 Nov 2023 16:32:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame 595E 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-1%22%2C%22callback_id%22%3A%2227ff73efcf8ba5b%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90b_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&bust=1699633973099&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=1.1M-pound%20historic%20steam%20train%20to%20return%20to%20Utah%20during%202024%20tour%20%7C%20KSL.com&w=1600&h=1200&pubcid=50014a52-757c-4aa4-98b0-d55502c47caa&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2250014a52-757c-4aa4-98b0-d55502c47caa%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.169.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-169-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
bid
ap.lijit.com/rtb/ Frame 595E 		94 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
6bbd05df1a94895f66312b1ef71c4d82510556a6f30c31601bbe7cdb3097441e

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 10 Nov 2023 16:32:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 595E 		424 B
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=476778&zone_id=2832542&size_id=2&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=50014a52-757c-4aa4-98b0-d55502c47caa%5E1&rf=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&tg_i.domain=ksl.com&tg_i.page=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&tg_i.pbadslot=%2F65889844%2Fron01_728x90b_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=31137685446c24a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90b_desktop&slots=1&rand=0.9147799389118931
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a0ee4665b2195c13c76ba6dadd7bcc280197817dbc5e7a6bd1ad0cf25478349a

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
424
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame 595E 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2233a5d33ba2da841%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90b_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&s=abd5ca9d-58a9-40df-b109-988f0016d1a1&pv=42dcf765-bc4a-4ace-93fe-59fc7399b76a&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22ksl.com%22%2C%22keywords%22%3A%22news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ksl.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2250014a52-757c-4aa4-98b0-d55502c47caa%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
6e4d0e25cfdf421234016ec8daead167b659ab6ba94d3bd603353d4ed568b0a7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-198
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
434
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 595E 		0
55 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Fri, 10 Nov 2023 16:32:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame 595E 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Fri, 10 Nov 2023 16:32:52 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
33
server
envoy
vary
origin, Accept-Encoding
pbjs
htlb.casalemedia.com/openrtb/ Frame 595E 		37 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14a588f8e8f3deb23adc8c768d252cdb70621f4983706bd76f230d8e6e8cb91d

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFYoe78Sp2x1gE4bps0QRwAlO9ZdLk6HBNjWiluI4sInXRVCtVv2g3niKzs7TMiKpvtIndRhl%2Bw6oAFORcrKdslKZB53kejY%2FbOv9gkab9A9MIpotP%2FOmVh40DUo8n1jNphbjiM0"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
823fb1ac0d55bb71-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 595E 		424 B
936 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=50014a52-757c-4aa4-98b0-d55502c47caa%5E1&rf=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&tg_i.domain=ksl.com&tg_i.page=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&tg_i.pbadslot=%2F65889844%2Fron01_728x90b_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=41e5a14319e9526&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90b_desktop&slots=1&rand=0.36404924050017096
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8ba59e4e15e739c6144513b9db3414f3e36185f3ac24120f62171eb3acb30b46

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
424
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 595E 		145 B
962 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4218d0014ba9f007500a22607c8bca8c90283808add5cdde9f49e66309c0fd64
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
an-x-request-uuid
ffcd5a73-3d4d-456f-9e0c-ffc50c618b2f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.177; 185.213.155.177; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame 595E 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame 595E 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.ksl.com
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 595E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 10 Nov 2023 16:32:53 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.ksl.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 10 Nov 2023 16:32:53 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 595E 		424 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=50014a52-757c-4aa4-98b0-d55502c47caa%5E1&rf=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&tg_i.domain=ksl.com&tg_i.page=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&tg_i.pbadslot=%2F65889844%2Fron01_728x90c_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=52b22582ff14af6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90c_desktop&slots=1&rand=0.005297237709278146
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c7ea8abd800f2e3cea426e7b22ace1cb598c393b8e9de1e8d71572376803c5f4

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
424
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ads.yieldmo.com/exchange/ Frame 595E 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-2%22%2C%22callback_id%22%3A%2256f0b9fefd78719%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90c_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&bust=1699633973243&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=1.1M-pound%20historic%20steam%20train%20to%20return%20to%20Utah%20during%202024%20tour%20%7C%20KSL.com&w=1600&h=1200&pubcid=50014a52-757c-4aa4-98b0-d55502c47caa&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2250014a52-757c-4aa4-98b0-d55502c47caa%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.169.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-169-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 595E 		424 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=476778&zone_id=2832542&size_id=2&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=50014a52-757c-4aa4-98b0-d55502c47caa%5E1&rf=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&tg_i.domain=ksl.com&tg_i.page=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&tg_i.pbadslot=%2F65889844%2Fron01_728x90c_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=58c674abf650ff6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90c_desktop&slots=1&rand=0.671387078269194
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b28b7f59040bee1dc3245583e4b2174ce7e16f8044a8c057e0a6e53a261066b9

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
424
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 595E 		37 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6e0a1caeda1aef500326baa5265be59b721574bd48e0c440b0df1151b9f73a7

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAqgJ6OYxnnvoWcldu0vrgEJ%2FC8Cp3GtCMwv6FTW68%2BjiY6A4bWO0hEQx3fSe8S%2Ft4%2F9ujL7lM4eJXKY%2B%2BU97iL%2FXxyxwETtCNYR3VuMoYZR1rJ9xwk4kBw1IKpZmEy%2BqEuDr7Fl"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
823fb1acd9c2367b-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame 595E 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.ksl.com
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame 595E 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Fri, 10 Nov 2023 16:32:52 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
26
server
envoy
vary
origin, Accept-Encoding
trinity.json
apex.go.sonobi.com/ Frame 595E 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%226615242294426e1%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90c_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&s=26130704-6360-4e81-ba9a-f4e1f8d63cff&pv=42dcf765-bc4a-4ace-93fe-59fc7399b76a&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22ksl.com%22%2C%22keywords%22%3A%22news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ksl.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2250014a52-757c-4aa4-98b0-d55502c47caa%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e0c977564dc2dc801eee8d182bb9651219cfe084e01841dfd382feaa5d3b44a1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-198
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
435
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame 595E 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
bid
ap.lijit.com/rtb/ Frame 595E 		95 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
23e39e203a2f9ea1ae6f0f47ad5a372f602d9a8c615b8d6c5f12fb9b4f037ec9

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 10 Nov 2023 16:32:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
translator
hbopenbid.pubmatic.com/ Frame 595E 		0
55 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Fri, 10 Nov 2023 16:32:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 595E 		145 B
962 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
fd0bfa3ff518d55f37d77c6581a7966f21587130c536342fe7cd03f36c028f17
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
an-x-request-uuid
7471718b-fa69-4a2f-a9ea-510aa218978b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.177; 185.213.155.177; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.ksl.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 10 Nov 2023 16:32:53 GMT
prebid
ads.yieldmo.com/exchange/ Frame 595E 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-3%22%2C%22callback_id%22%3A%2276212e7d89236bc%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90d_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&bust=1699633973274&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=1.1M-pound%20historic%20steam%20train%20to%20return%20to%20Utah%20during%202024%20tour%20%7C%20KSL.com&w=1600&h=1200&pubcid=50014a52-757c-4aa4-98b0-d55502c47caa&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2250014a52-757c-4aa4-98b0-d55502c47caa%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.169.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-169-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 595E 		424 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=50014a52-757c-4aa4-98b0-d55502c47caa%5E1&rf=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&tg_i.domain=ksl.com&tg_i.page=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&tg_i.pbadslot=%2F65889844%2Fron01_728x90d_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=788e420cdae3c39&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90d_desktop&slots=1&rand=0.01607833672231984
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ac5d6d95b4c75f048935cc5b94acbf0292e1ae1d8c8ef90b4e0f28079ffad339

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
424
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 595E 		37 B
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fd7336d20d7c9dcde9e7e43d5a653f700ce29ef345f4283bba54a117bc139f9

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzm1obtCiA72jwW3o5hpWm0oyVNYxc%2FM8o6YT310TkryH50Rsvq8c7Sa6kSsnuBw0npWpCjMg6eRJbbRp3hJi21Mi7Mwnxq6Tr7lGpaPM0CLDxkxg0nhPUZ7jXAiKc0li3%2B7QKVs"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
823fb1ad2a2a367b-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ Frame 595E 		0
55 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Fri, 10 Nov 2023 16:32:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame 595E 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Fri, 10 Nov 2023 16:32:53 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
24
server
envoy
vary
origin, Accept-Encoding
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame 595E 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame 595E 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.ksl.com
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 595E 		424 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=476778&zone_id=2832542&size_id=2&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=50014a52-757c-4aa4-98b0-d55502c47caa%5E1&rf=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&tg_i.domain=ksl.com&tg_i.page=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&tg_i.pbadslot=%2F65889844%2Fron01_728x90d_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=9020ccec6b55469&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90d_desktop&slots=1&rand=0.5778754824956043
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7b544412a8a43bc55017f73cc65d9f50bcad137abbada5a182c0b6008df59beb

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
424
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame 595E 		95 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
6a964b3f88212b95bdcb59c34422db328a613bee81daa0ccee0bb518cbf642a8

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 10 Nov 2023 16:32:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
ib.adnxs.com/ut/v3/ Frame 595E 		145 B
963 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
8393e8b9e8d3b79f0aeb5007cccb822b0d2bc0b9aa92d2bea522c5f858e8fb7b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
an-x-request-uuid
9c64db86-75df-4477-80a3-594679743642
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.177; 185.213.155.177; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ Frame 595E 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2298fb6fb5662160b%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90d_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&s=cb3398a6-2d37-410b-90e4-d534619d90eb&pv=42dcf765-bc4a-4ace-93fe-59fc7399b76a&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22ksl.com%22%2C%22keywords%22%3A%22news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ksl.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2250014a52-757c-4aa4-98b0-d55502c47caa%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
6aabec3f3072d6aa3d9f0511411fc17fc742d2e0c30579c8dbcd5978eb82a942
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-198
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
434
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
lb
be.durationmedia.net/ 		0
569 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://be.durationmedia.net/lb?s=11159&t=SD&c=4
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.164.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-164-211.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Nov 2023 16:32:52 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options
DENY
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Expose-Headers
Authorization
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
0
sponsorships
be.durationmedia.net/ 		474 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://be.durationmedia.net/sponsorships
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.164.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-164-211.compute-1.amazonaws.com
Software
/
Resource Hash
25e1217aa2f8e9e2e3324b8ef2587aa9752f59a616f2df9b5e8343c4c32ab36d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Fri, 10 Nov 2023 16:32:53 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options
DENY
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Expose-Headers
Authorization
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
474
X-XSS-Protection
1; mode=block
Expires
0
sponsorships
be.durationmedia.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://be.durationmedia.net/sponsorships
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.164.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-164-211.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Expose-Headers
Authorization
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 10 Nov 2023 16:32:52 GMT
Expires
0
Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E470 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3020
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 15:42:33 GMT
expires
Sat, 09 Nov 2024 15:42:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 089D 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
64b9e3a9f047e154055f48aacab1f38219a676816b01e78373150a2fbb5eeb75
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fRy0sxuIHaao31d12-imWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-fRy0sxuIHaao31d12-imWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 16:32:53 GMT
expires
Fri, 10 Nov 2023 16:32:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.ksl.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 10 Nov 2023 16:32:53 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 595E 		424 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=50014a52-757c-4aa4-98b0-d55502c47caa%5E1&rf=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&tg_i.domain=ksl.com&tg_i.page=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&tg_i.pbadslot=%2F65889844%2Fron01_728x90e_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=100f5ad97c816bce&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90e_desktop&slots=1&rand=0.7281541733507533
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9140d7a42d04e663344e3e1eb41470a160cfc3fc194023908a3a72275c71dd57

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
424
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame 595E 		95 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
f597d0d96818afb2cab564c377320fb564e551cae28180602c4c698006545ba5

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 10 Nov 2023 16:32:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
c
prebid.a-mo.net/a/ Frame 595E 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Fri, 10 Nov 2023 16:32:53 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
23
server
envoy
vary
origin, Accept-Encoding
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 595E 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=476778&zone_id=2832542&size_id=2&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=50014a52-757c-4aa4-98b0-d55502c47caa%5E1&rf=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&tg_i.domain=ksl.com&tg_i.page=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&tg_i.pbadslot=%2F65889844%2Fron01_728x90e_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=106545743448e0d4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90e_desktop&slots=1&rand=0.620056410540295
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2c4230b372dcf07166678304ea268bb3f40b857b3b0d6fde5bdd069cca3923b4

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 595E 		38 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed9fb530b2f43de5cbf2b1065728f2ae6dd2199475599c814316c4ef3c6a0bc2

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V1MwV47ZzEHmLBldulDWwNQnhWU5hLfydjMq%2FvmXdWGlwZuPleo56SvL4EX92%2BsDeMBP8Jq%2F7fid5mYclVfhd8NSPEkfT8dUhRZxgRMSPGHMtDoRB1paxlnwhdN5578I5uhht9KZ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
823fb1adeb50367b-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame 595E 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
trinity.json
apex.go.sonobi.com/ Frame 595E 		730 B
967 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221126805822cfe167%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90e_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&s=fe351811-ef8a-4f7e-8361-efefacbc0a18&pv=42dcf765-bc4a-4ace-93fe-59fc7399b76a&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22ksl.com%22%2C%22keywords%22%3A%22news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ksl.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2250014a52-757c-4aa4-98b0-d55502c47caa%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
b7ab031706e98a1f46e3726fe28921c2269642bbfd8da1d240397d543946d502
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-198
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
436
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ads.yieldmo.com/exchange/ Frame 595E 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-4%22%2C%22callback_id%22%3A%2211424d3ebcc6b1bd%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90e_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&bust=1699633973428&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=1.1M-pound%20historic%20steam%20train%20to%20return%20to%20Utah%20during%202024%20tour%20%7C%20KSL.com&w=1600&h=1200&pubcid=50014a52-757c-4aa4-98b0-d55502c47caa&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2250014a52-757c-4aa4-98b0-d55502c47caa%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.169.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-169-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
ib.adnxs.com/ut/v3/ Frame 595E 		146 B
963 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
5166fe8746f6b483288d71cb0e9ecd28992a671ddfea88cdf1e4406c1304559d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
an-x-request-uuid
e500b276-70d4-4652-b15d-4dea3cf6233c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.177; 185.213.155.177; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
146
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 595E 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.ksl.com
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 595E 		0
55 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Fri, 10 Nov 2023 16:32:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ads
securepubads.g.doubleclick.net/gampad/ Frame 595E 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=917218608026602&correlator=2882842287273494&eid=31079443%2C31079519%2C31079522%2C31079523%2C31078015%2C31079527&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D844df475bb5eeae6%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_MYcLTca-AldOlRnbxNPEw1wJlqeQQ&gpic=UID%3D00000cbf89a7250f%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_Mbx_oj8txuoS4whmloLukh8SlDFiw&abxe=1&dt=1699633973456&lmt=1699633973&adxs=436&adys=154&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=dpxejn9gvt8s&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&top=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=233581687.1699633968&ga_sid=1699633973&ga_hid=1249276230&ga_fc=true&dlt=1699633969881&idt=1901&prev_scp=Domain%3Dksl.com&adks=1332890142&frm=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
580fdc067c366d8425250f099c8c0e849ae9a66cbaa391749c3673b506ccd099
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12139
x-xss-protection
0
google-lineitem-id
6110887587
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138404649566
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 78EC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 16:32:53 GMT
expires
Sat, 09 Nov 2024 16:32:53 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.ksl.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 10 Nov 2023 16:32:53 GMT
translator
hbopenbid.pubmatic.com/ Frame 595E 		0
55 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Fri, 10 Nov 2023 16:32:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame 595E 		0
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Fri, 10 Nov 2023 16:32:52 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
31
server
envoy
vary
origin, Accept-Encoding
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 595E 		424 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=50014a52-757c-4aa4-98b0-d55502c47caa%5E1&rf=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&tg_i.domain=ksl.com&tg_i.page=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&tg_i.pbadslot=%2F65889844%2Fron01_728x90f_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=130d2594b79572a3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90f_desktop&slots=1&rand=0.13756615588121401
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
890a886cf18eb886ad3785be497a8fa161fdee50828cbc1f4790e6e6cd03086e

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
424
expires
Wed, 17 Sep 1975 21:32:10 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 595E 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.ksl.com
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 595E 		146 B
963 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
00d927f5fec767123ecb52c8fc8866e2e730bef44833d4b7dbdc9972168e0538
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
an-x-request-uuid
74edbbab-c716-4b50-983c-12440de7757d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.177; 185.213.155.177; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
146
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 595E 		95 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
fd4e199844c63a7d1f5495473386caf4436b407f38549f331a1706f7b9f52046

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 10 Nov 2023 16:32:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
prebid
ads.yieldmo.com/exchange/ Frame 595E 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-5%22%2C%22callback_id%22%3A%2213878116ac1d923c%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90f_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&bust=1699633973525&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=1.1M-pound%20historic%20steam%20train%20to%20return%20to%20Utah%20during%202024%20tour%20%7C%20KSL.com&w=1600&h=1200&pubcid=50014a52-757c-4aa4-98b0-d55502c47caa&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2250014a52-757c-4aa4-98b0-d55502c47caa%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.169.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-169-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
pbjs
htlb.casalemedia.com/openrtb/ Frame 595E 		38 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d33b3ee0910bcc43e0a87dd829999c5229cfcc83cdff99f715d510907107963

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYlHK2fopccQ8YEQYYaXuluHPa%2BDM7nuihGXeG2Qk%2BL1DS1TL%2FwMBDckWLPQBC9gzvpeZ0nv%2F5SuuAX66f3CWdUln7zs1o2rBr8SsTKoSP9O%2Fb%2BjqJuZUGFnKytC%2FMl7ibiaPrGk"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
823fb1ae9c72367b-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 595E 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=476778&zone_id=2832542&size_id=2&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=50014a52-757c-4aa4-98b0-d55502c47caa%5E1&rf=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&tg_i.domain=ksl.com&tg_i.page=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&tg_i.pbadslot=%2F65889844%2Fron01_728x90f_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=142be6dbe970ccc4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90f_desktop&slots=1&rand=0.6120177545248127
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f38240ab2c85207da531c1f788d9e5a7beb273d11c08d15714c464c407c52bbe

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame 595E 		730 B
967 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221440148a0b54d9ff%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90f_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&s=3507f8c3-50b2-48fc-807a-964fa3b174d1&pv=42dcf765-bc4a-4ace-93fe-59fc7399b76a&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22ksl.com%22%2C%22keywords%22%3A%22news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ksl.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2250014a52-757c-4aa4-98b0-d55502c47caa%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
aceebf04544d4a4cc8731a96deda17979026abadd7ab81642421791bc72a827e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-198
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
436
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame 595E 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 595E 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=917218608026602&correlator=653148591423202&eid=31079443%2C31079519%2C31079522%2C31079523%2C31078015%2C31079527&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90b_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D844df475bb5eeae6%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_MYcLTca-AldOlRnbxNPEw1wJlqeQQ&gpic=UID%3D00000cbf89a7250f%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_Mbx_oj8txuoS4whmloLukh8SlDFiw&abxe=1&dt=1699633973548&lmt=1699633973&adxs=436&adys=154&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=7yjoim9m50qx&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&top=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=233581687.1699633968&ga_sid=1699633973&ga_hid=1249276230&ga_fc=true&dlt=1699633969881&idt=1901&prev_scp=Domain%3Dksl.com&adks=2587397766&frm=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f010b15457b99654d30679e1e94953617f6d3ae563c24e64cf44fa694febccb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12124
x-xss-protection
0
google-lineitem-id
6110887587
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138404649566
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.ksl.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 10 Nov 2023 16:32:53 GMT
trinity.json
apex.go.sonobi.com/ Frame 595E 		730 B
966 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221480236c16c338f7%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90g_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&s=f6cc8fe5-59ad-4990-b203-10537fc6671e&pv=42dcf765-bc4a-4ace-93fe-59fc7399b76a&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22ksl.com%22%2C%22keywords%22%3A%22news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ksl.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2250014a52-757c-4aa4-98b0-d55502c47caa%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
1475ec513f7af5a365888c8dedbca764630c7295a1d818871cf27fbe438f3e86
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-198
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
435
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 595E 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=476778&zone_id=2832542&size_id=2&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=50014a52-757c-4aa4-98b0-d55502c47caa%5E1&rf=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&tg_i.domain=ksl.com&tg_i.page=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&tg_i.pbadslot=%2F65889844%2Fron01_728x90g_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=1501d8bddb445915&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90g_desktop&slots=1&rand=0.14618358885266836
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b43044a25942128d019bbf057c94c2eea5cca91db1832028a055373ec22ec4dc

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 595E 		424 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=50014a52-757c-4aa4-98b0-d55502c47caa%5E1&rf=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&tg_i.domain=ksl.com&tg_i.page=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&tg_i.pbadslot=%2F65889844%2Fron01_728x90g_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=15221b6c724fc076&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90g_desktop&slots=1&rand=0.04598210760821164
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ea67ee37f911ade94d894ff51dd077a9b489a13266372a0e1a3429b0b54b5a16

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
424
expires
Wed, 17 Sep 1975 21:32:10 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 595E 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.ksl.com
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 595E 		38 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ffe5ef53349cb80c8b76d184c1b9622cdea09c3e84f43293163bf612e449cb0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tvwsBhBr60cQ%2FScRnx%2BBTUIJ8xkAQRLVCPIhfuDFyicSZnu6%2BNLawdHz%2F9xmOkC1ty34RC4Zg8sUbfaNYx4ayDu3Hw%2BqNlXbgCSrSspCIZ57EmmS7C4HTEWhHYmEGIJRzvZb7pfM"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
823fb1aedcb8367b-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 595E 		146 B
962 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
d65dc23658e3a9e9e06dc310fff002d405f5d80017d362d44cd96f2bcb6f6cbb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
an-x-request-uuid
9d02ac9c-2c32-41e9-a913-c906ee061456
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.177; 185.213.155.177; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
146
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 595E 		95 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
bf777059f50499a6f2b0e3cd3fa510f028b95a4070402cd2e0f9732c43aa18cf

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 10 Nov 2023 16:32:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
prebid
ads.yieldmo.com/exchange/ Frame 595E 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-6%22%2C%22callback_id%22%3A%2216267e2afa73cfae%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90g_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&bust=1699633973580&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=1.1M-pound%20historic%20steam%20train%20to%20return%20to%20Utah%20during%202024%20tour%20%7C%20KSL.com&w=1600&h=1200&pubcid=50014a52-757c-4aa4-98b0-d55502c47caa&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2250014a52-757c-4aa4-98b0-d55502c47caa%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.169.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-169-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
c
prebid.a-mo.net/a/ Frame 595E 		0
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Fri, 10 Nov 2023 16:32:52 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
31
server
envoy
vary
origin, Accept-Encoding
translator
hbopenbid.pubmatic.com/ Frame 595E 		0
55 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Fri, 10 Nov 2023 16:32:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame 595E 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 595E 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=917218608026602&correlator=1065682034906020&eid=31079443%2C31079519%2C31079522%2C31079523%2C31078015%2C31079527&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90c_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D844df475bb5eeae6%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_MYcLTca-AldOlRnbxNPEw1wJlqeQQ&gpic=UID%3D00000cbf89a7250f%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_Mbx_oj8txuoS4whmloLukh8SlDFiw&abxe=1&dt=1699633973592&lmt=1699633973&adxs=436&adys=154&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=jwk8gy4rdluf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&top=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=233581687.1699633968&ga_sid=1699633973&ga_hid=1249276230&ga_fc=true&dlt=1699633969881&idt=1901&prev_scp=Domain%3Dksl.com&adks=658150668&frm=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
216efa3c54e84bc3025b3a5cfdaf308f5c2dadf624293c212e3ecdc9b0cd122c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12136
x-xss-protection
0
google-lineitem-id
6110887587
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138404649566
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 595E 		36 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=917218608026602&correlator=2944957341177134&eid=31079443%2C31079519%2C31079522%2C31079523%2C31078015%2C31079527&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90d_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D844df475bb5eeae6%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_MYcLTca-AldOlRnbxNPEw1wJlqeQQ&gpic=UID%3D00000cbf89a7250f%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_Mbx_oj8txuoS4whmloLukh8SlDFiw&abxe=1&dt=1699633973617&lmt=1699633973&adxs=436&adys=154&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=z5rv03920ooy&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&top=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=233581687.1699633968&ga_sid=1699633973&ga_hid=1249276230&ga_fc=true&dlt=1699633969881&idt=1901&prev_scp=Domain%3Dksl.com&adks=4283511922&frm=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5d0c42591cd5afcb987fa107534a2352b39aa59349caa9763fb6c1d92e78dff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14681
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 595E 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=917218608026602&correlator=1379917389142281&eid=31079443%2C31079519%2C31079522%2C31079523%2C31078015%2C31079527&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90e_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D844df475bb5eeae6%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_MYcLTca-AldOlRnbxNPEw1wJlqeQQ&gpic=UID%3D00000cbf89a7250f%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_Mbx_oj8txuoS4whmloLukh8SlDFiw&abxe=1&dt=1699633973635&lmt=1699633973&adxs=436&adys=154&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=551ubp9o16dk&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&top=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=233581687.1699633968&ga_sid=1699633973&ga_hid=1249276230&ga_fc=true&dlt=1699633969881&idt=1901&prev_scp=Domain%3Dksl.com%26hb_format_bluerooste%3Dbanner%26hb_size_bluerooster%3D728x90%26hb_pb_bluerooster%3D0.09%26hb_adid_bluerooster%3D248ea84c3bac8fc%26hb_bidder_bluerooste%3Dbluerooster%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.09%26hb_adid%3D248ea84c3bac8fc%26hb_bidder%3Dbluerooster&adks=3085048810&frm=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8c2e75fec8a4d2a7d465709889e61cad5e565ae7ae5d8a9550f71b76bfcfab6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12125
x-xss-protection
0
google-lineitem-id
5111853553
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274588176
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 089D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231108&jk=917218608026602&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.ksl.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 10 Nov 2023 16:32:53 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 595E 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=476778&zone_id=2832542&size_id=2&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=50014a52-757c-4aa4-98b0-d55502c47caa%5E1&rf=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&tg_i.domain=ksl.com&tg_i.page=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&tg_i.pbadslot=%2F65889844%2Fron01_728x90h_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=17266fc2f10b8efb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90h_desktop&slots=1&rand=0.860144164077195
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
79ee65f72fa14e1c7341544990b8210570f1dfb3cddb95d4695f2a928508dca0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ads.yieldmo.com/exchange/ Frame 595E 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-7%22%2C%22callback_id%22%3A%221740534940246df3%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90h_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&bust=1699633973654&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=1.1M-pound%20historic%20steam%20train%20to%20return%20to%20Utah%20during%202024%20tour%20%7C%20KSL.com&w=1600&h=1200&pubcid=50014a52-757c-4aa4-98b0-d55502c47caa&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2250014a52-757c-4aa4-98b0-d55502c47caa%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.169.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-169-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
unruly_prebid
targeting.unrulymedia.com/ Frame 595E 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.ksl.com
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 595E 		38 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c8a02e2521b164293e4b986b3aba024d45f0c5f623c63307948f37c548b7daf

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ThMPZhNNFsa1%2Fm6VmqYsubVy2xfSFtXF85vEFO7iQa6YSE4VCnc1k7CjjF%2BpetWQWE2sw6erWDscPUbSc1GHfT7N%2Bo4gMo7Q%2BTx8fMjH0W4lK5PkdFiifKAVLRTQWEVEzMADzk%2B7"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
823fb1af6d67367b-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
trinity.json
apex.go.sonobi.com/ Frame 595E 		730 B
966 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22180bb0b5e576cea8%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90h_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&s=e33fab52-9210-463d-959c-d1dc9b5bc9b6&pv=42dcf765-bc4a-4ace-93fe-59fc7399b76a&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22ksl.com%22%2C%22keywords%22%3A%22news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ksl.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2250014a52-757c-4aa4-98b0-d55502c47caa%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
f58ea96f1c8eaf7bdecc8d49a6e6d078be589c3827f7e165c51c843df2401279
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-198
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
435
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ Frame 595E 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Fri, 10 Nov 2023 16:32:53 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
60
server
envoy
vary
origin, Accept-Encoding
translator
hbopenbid.pubmatic.com/ Frame 595E 		0
55 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Fri, 10 Nov 2023 16:32:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 595E 		424 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=50014a52-757c-4aa4-98b0-d55502c47caa%5E1&rf=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&tg_i.domain=ksl.com&tg_i.page=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&tg_i.pbadslot=%2F65889844%2Fron01_728x90h_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=186a12f55037eab2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90h_desktop&slots=1&rand=0.5298351747500167
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
92872640729ea3279d405957f74bd9b7433c73a04db66f5c7c93ca67358125c8

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
424
expires
Wed, 17 Sep 1975 21:32:10 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame 595E 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 595E 		145 B
963 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
5c2a91d521e3bf89fa58b59e8e636dbd8fb435547c376eb4fd04e583f62d947b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
an-x-request-uuid
6b5741a0-f64a-4be6-91c4-7e2721e332ed
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.177; 185.213.155.177; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 595E 		95 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
ac97a982e21925c7af0cd37611aab80c22ed8f48150325fc17e56a3d9a07e951

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 10 Nov 2023 16:32:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.ksl.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 10 Nov 2023 16:32:53 GMT
prebid
ads.yieldmo.com/exchange/ Frame 595E 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-8%22%2C%22callback_id%22%3A%221982323324f9f1a6%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90i_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&bust=1699633973688&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=1.1M-pound%20historic%20steam%20train%20to%20return%20to%20Utah%20during%202024%20tour%20%7C%20KSL.com&w=1600&h=1200&pubcid=50014a52-757c-4aa4-98b0-d55502c47caa&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2250014a52-757c-4aa4-98b0-d55502c47caa%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.169.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-169-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
bid
ap.lijit.com/rtb/ Frame 595E 		95 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
8360f93cd65cde928c379ce390bcb585347952dbb409925a1675a977737c4d02

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 10 Nov 2023 16:32:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
unruly_prebid
targeting.unrulymedia.com/ Frame 595E 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.ksl.com
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame 595E 		0
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Fri, 10 Nov 2023 16:32:52 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
24
server
envoy
vary
origin, Accept-Encoding
translator
hbopenbid.pubmatic.com/ Frame 595E 		0
55 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Fri, 10 Nov 2023 16:32:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 595E 		146 B
964 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
79cc89dd1b700ec4f1cb750bc229b43af8654027c204d0fdb19f0e1d575109e0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
an-x-request-uuid
5f5241d2-f0c0-4103-8fb3-f79333871903
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.177; 185.213.155.177; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
146
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 595E 		424 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=50014a52-757c-4aa4-98b0-d55502c47caa%5E1&rf=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&tg_i.domain=ksl.com&tg_i.page=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&tg_i.pbadslot=%2F65889844%2Fron01_728x90i_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=210afa406559b3ed&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90i_desktop&slots=1&rand=0.038536130345273145
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3cb762491dd535431d82bf4367bcd3675e7e77ff9887754beeb9cd463d7460cd

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
424
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 595E 		38 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90a0c786d4f7bea885f3a34d24c062569f989bab4988a5a54614a1a67e4b44f7

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTdDFryjJlFu0NBxcV8raXL0T9qdDPnjOLiUZF%2B81OFW%2FR2gDqUHtXKIFVmZkjEv1BQi18tMT6vyHtbEowGsAbVvyYH3U6g%2BDZTl9P7tQMiUFM7KiYam76lcQ%2F5hbcQMz3sfiKj%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
823fb1afadc8367b-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame 595E 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 595E 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=476778&zone_id=2832542&size_id=2&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=50014a52-757c-4aa4-98b0-d55502c47caa%5E1&rf=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&tg_i.domain=ksl.com&tg_i.page=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&tg_i.pbadslot=%2F65889844%2Fron01_728x90i_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=2166d86c088e7b15&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90i_desktop&slots=1&rand=0.18107395859914655
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5a19c1b06d1725e1663d9ae64707dae0e69a24ce9d0a280d648a92d28c31463c

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame 595E 		730 B
966 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22218ba0f96fbe3e9b%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90i_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&s=abfcce56-9695-4778-8b49-2a1f0f5dab3c&pv=42dcf765-bc4a-4ace-93fe-59fc7399b76a&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22ksl.com%22%2C%22keywords%22%3A%22news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ksl.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2250014a52-757c-4aa4-98b0-d55502c47caa%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
f1a15aa346dcdf8ce899143d55b17a8f605f684375d59f82bb70daa4f50d51ee
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:53 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-198
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
435
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame E470 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 15:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
3042
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Nov 2024 15:42:11 GMT
bl-34df212-770f4526.js
tagan.adlightning.com/deseretdigital/ Frame 6281 		58 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/bl-34df212-770f4526.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74d01e8587e381b55e6f39a50fd9550b8d2418b2e90b82c407fb6ef2be46b251

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:37:40 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
hc.n5KcAgwbsAVYNvW8A7kk3FOE5y1yR
x-amz-cf-pop
FRA60-P4
age
89714
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24949
x-amz-meta-git_commit
34df212
last-modified
Thu, 09 Nov 2023 15:01:11 GMT
server
AmazonS3
etag
"f455cf8683b4657607012d3c5ed3cd81"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
R6svWmqlZkxBL1BCuWv7DvmU0HwF2Kn0DroaTPSus3iiRWWrhDQSlA==
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame 6281 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 17:34:10 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
1119525
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
f7i4FlrSXSK6dtg1CYHTO5w_dkV2ZcBn_SVCXv4zutdZUayPv0yTmQ==
b-5f40b44-9f6c1b2b.js
tagan.adlightning.com/saambaa-deseret/ Frame 6281 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/b-5f40b44-9f6c1b2b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6611a010c1c02623f19baee463ab2bd5d3ca94f8a6cd0219b243212fd1751423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 18:10:55 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
fP8PuZH8BatVq5HXfIsv4.6uZaG8ahhC
x-amz-cf-pop
FRA60-P4
age
3882119
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30497
x-amz-meta-git_commit
5f40b44
last-modified
Tue, 26 Sep 2023 18:10:17 GMT
server
AmazonS3
etag
"ee93a36c1860a5bf0ba3dd2972e0f548"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
_VMbcjXy4H0VAO1CM4ae6mKNL2zeONw3i_JI4bE3Z8i21vRd-DVnTg==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 6281 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75b7e88c9e6b18ce5a9fa4af3127d87d8843536f43aadac52db31cc1080baa19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10189
x-xss-protection
0
server
cafe
etag
11253784157337552692
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:54 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6281 		198 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63768
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:54 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 595E 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=917218608026602&correlator=222136807952745&eid=31079443%2C31079519%2C31079522%2C31079523%2C31078015%2C31079527%2C676982996&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90f_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=7&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D844df475bb5eeae6%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_MYcLTca-AldOlRnbxNPEw1wJlqeQQ&gpic=UID%3D00000cbf89a7250f%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_Mbx_oj8txuoS4whmloLukh8SlDFiw&abxe=1&dt=1699633974023&lmt=1699633974&adxs=436&adys=154&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=aqnhkb72d46v&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&top=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AOrYGslXvOnDh56NVpmdHPtm3FjyinbRCFsz4GzvTB9FiudePqNP2oE8An0v3rNnshGs7fEMJe7J_VM1n55zOAmx4iaGloSh&ga_vid=233581687.1699633968&ga_sid=1699633973&ga_hid=1249276230&ga_fc=true&dlt=1699633969881&idt=1901&prev_scp=Domain%3Dksl.com%26hb_format_bluerooste%3Dbanner%26hb_size_bluerooster%3D728x90%26hb_pb_bluerooster%3D0.09%26hb_adid_bluerooster%3D25026b75c8b7b82c%26hb_bidder_bluerooste%3Dbluerooster%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.09%26hb_adid%3D25026b75c8b7b82c%26hb_bidder%3Dbluerooster&adks=3272850789&frm=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6330096e6d5a3fc2941a897f2f68f4c03599bf54bd7c1a040adfa9ed681d04c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12133
x-xss-protection
0
google-lineitem-id
6152679804
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412693537
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 595E 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=917218608026602&correlator=2152811315956009&eid=31079443%2C31079519%2C31079522%2C31079523%2C31078015%2C31079527%2C676982996&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90g_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=8&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D844df475bb5eeae6%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_MYcLTca-AldOlRnbxNPEw1wJlqeQQ&gpic=UID%3D00000cbf89a7250f%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_Mbx_oj8txuoS4whmloLukh8SlDFiw&abxe=1&dt=1699633974041&lmt=1699633974&adxs=436&adys=154&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=sf9he662s1a4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&top=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AOrYGslXvOnDh56NVpmdHPtm3FjyinbRCFsz4GzvTB9FiudePqNP2oE8An0v3rNnshGs7fEMJe7J_VM1n55zOAmx4iaGloSh&ga_vid=233581687.1699633968&ga_sid=1699633973&ga_hid=1249276230&ga_fc=true&dlt=1699633969881&idt=1901&prev_scp=Domain%3Dksl.com%26hb_format_bluerooste%3Dbanner%26hb_size_bluerooster%3D728x90%26hb_pb_bluerooster%3D0.09%26hb_adid_bluerooster%3D2524ed9e5374908a%26hb_bidder_bluerooste%3Dbluerooster%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.09%26hb_adid%3D2524ed9e5374908a%26hb_bidder%3Dbluerooster&adks=3516126248&frm=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c40cde8989c6bc96f14889dbe7f8ec1e337a0bf8eda8d84602ff2965e765373
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12120
x-xss-protection
0
google-lineitem-id
6152679804
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412693213
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 595E 		38 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04d6cc3e3ee14809562b9047e43fa0ad1abef88384e5e74c7af7a1eade26d983

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9WwjE0iZX4aKz%2BQgqR0dfrdBI5%2FxOrIXCHACLHTxt7Qmunh4J9%2FZgs7n%2FREy4lBjjsA9q9U1tePNiJUAYzCTlboT7eDG8IZdrYxuS4OIi%2FP42Zqpo6r%2BDhvj3jm0mYF7caq5vhNH"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
823fb1b1d8a3367b-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 595E 		146 B
963 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
ff2c7ccae8dcbdf672e97016d32342896f07c1f2625aa1adbefb60c89c5b3bd8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:54 GMT
an-x-request-uuid
a383004f-87d2-4ca2-86ac-7144d6d94dc9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.177; 185.213.155.177; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
146
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame 595E 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:54 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 595E 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=476778&zone_id=2832542&size_id=2&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=50014a52-757c-4aa4-98b0-d55502c47caa%5E1&rf=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&tg_i.domain=ksl.com&tg_i.page=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&tg_i.pbadslot=%2F65889844%2Fron01_728x90j_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=2263f9bf7e97e05b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90j_desktop&slots=1&rand=0.2776208128367985
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
719384b064e91786e19c1faec928e5041cad9a1c62f01cac4b6ace4edd5b8c0a

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:54 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 595E 		0
55 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Fri, 10 Nov 2023 16:32:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame 595E 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Fri, 10 Nov 2023 16:32:53 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
88
server
envoy
vary
origin, Accept-Encoding
trinity.json
apex.go.sonobi.com/ Frame 595E 		730 B
967 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22234122ef99e12ad1%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90j_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&s=65e4cc0d-0913-443a-a85a-50ba11ffbcab&pv=42dcf765-bc4a-4ace-93fe-59fc7399b76a&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22ksl.com%22%2C%22keywords%22%3A%22news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ksl.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2250014a52-757c-4aa4-98b0-d55502c47caa%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
d16be189421803dd4ac526983fd3f89ad40350c6bfa2afce69a48a5d9670f84a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:54 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-198
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
436
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 595E 		95 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e991bfd51a024f880faf92b86dae29fb646979ee959d858f7a03785b138b71bd

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 10 Nov 2023 16:32:54 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 595E 		424 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=50014a52-757c-4aa4-98b0-d55502c47caa%5E1&rf=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&tg_i.domain=ksl.com&tg_i.page=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&tg_i.pbadslot=%2F65889844%2Fron01_728x90j_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=238323ccaf11ecd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90j_desktop&slots=1&rand=0.8013575080200355
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d9f2475064273b819775ae3a53920d6b54f1f30ae53433514b4708530213623b

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:54 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
424
expires
Wed, 17 Sep 1975 21:32:10 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 595E 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.ksl.com
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:54 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame 595E 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-9%22%2C%22callback_id%22%3A%22242aeb4bd7fdc847%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90j_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&bust=1699633974072&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=1.1M-pound%20historic%20steam%20train%20to%20return%20to%20Utah%20during%202024%20tour%20%7C%20KSL.com&w=1600&h=1200&pubcid=50014a52-757c-4aa4-98b0-d55502c47caa&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2250014a52-757c-4aa4-98b0-d55502c47caa%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.169.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-169-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:54 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
ads
securepubads.g.doubleclick.net/gampad/ Frame 595E 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=917218608026602&correlator=3902286169381235&eid=31079443%2C31079519%2C31079522%2C31079523%2C31078015%2C31079527%2C676982996&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90h_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=9&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D844df475bb5eeae6%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_MYcLTca-AldOlRnbxNPEw1wJlqeQQ&gpic=UID%3D00000cbf89a7250f%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_Mbx_oj8txuoS4whmloLukh8SlDFiw&abxe=1&dt=1699633974090&lmt=1699633974&adxs=436&adys=154&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=v5tsm2utxwmr&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&top=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AOrYGslXvOnDh56NVpmdHPtm3FjyinbRCFsz4GzvTB9FiudePqNP2oE8An0v3rNnshGs7fEMJe7J_VM1n55zOAmx4iaGloSh&ga_vid=233581687.1699633968&ga_sid=1699633973&ga_hid=1249276230&ga_fc=true&dlt=1699633969881&idt=1901&prev_scp=Domain%3Dksl.com%26hb_format_bluerooste%3Dbanner%26hb_size_bluerooster%3D728x90%26hb_pb_bluerooster%3D0.09%26hb_adid_bluerooster%3D2547774ee6194a6a%26hb_bidder_bluerooste%3Dbluerooster%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.09%26hb_adid%3D2547774ee6194a6a%26hb_bidder%3Dbluerooster&adks=2445953488&frm=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f95bc216faa2425bc4fb7eba2596e113df1153ec19b7938b496ea2d1eb73a00b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12122
x-xss-protection
0
google-lineitem-id
6152679804
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412693531
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 595E 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=917218608026602&correlator=4118350996043874&eid=31079443%2C31079519%2C31079522%2C31079523%2C31078015%2C31079527%2C676982996&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90i_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=10&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D844df475bb5eeae6%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_MYcLTca-AldOlRnbxNPEw1wJlqeQQ&gpic=UID%3D00000cbf89a7250f%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_Mbx_oj8txuoS4whmloLukh8SlDFiw&abxe=1&dt=1699633974114&lmt=1699633974&adxs=436&adys=154&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=id8le5z6ey4d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&top=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AOrYGslXvOnDh56NVpmdHPtm3FjyinbRCFsz4GzvTB9FiudePqNP2oE8An0v3rNnshGs7fEMJe7J_VM1n55zOAmx4iaGloSh&ga_vid=233581687.1699633968&ga_sid=1699633973&ga_hid=1249276230&ga_fc=true&dlt=1699633969881&idt=1901&prev_scp=Domain%3Dksl.com%26hb_format_bluerooste%3Dbanner%26hb_size_bluerooster%3D728x90%26hb_pb_bluerooster%3D0.09%26hb_adid_bluerooster%3D255e52254a0ac736%26hb_bidder_bluerooste%3Dbluerooster%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.09%26hb_adid%3D255e52254a0ac736%26hb_bidder%3Dbluerooster&adks=2059224439&frm=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
385d14ea0036c33851999dd46139db5b0f17982cfcefb77f2876c37a64f6a372
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12121
x-xss-protection
0
google-lineitem-id
5111853553
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274588173
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 595E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8gsIzhm_QFEwT6nQCrJJ5rgFGSuLn8nM26qbfH41YV-mLT4-JMAYaf6WaCkERPaj70pZJAR2Qb9ppD4pTmqVNdR8SyvloGVJk2KNO9s4K6mZTDh6MtdrUOYLhF5ieTgcdMc4Jrk7bGw&sig=Cg0ArKJSzJnpHeaRX6u3EAE&id=lidar2&mcvt=1126&p=154,436,244,1164&mtos=1126,1126,1126,1126,1126&tos=1126,0,0,0,0&v=20231106&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2487844782&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699633969881&rpt=3101&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.ksl.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 10 Nov 2023 16:32:54 GMT
bl-34df212-770f4526.js
tagan.adlightning.com/deseretdigital/ Frame 3286 		58 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/bl-34df212-770f4526.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74d01e8587e381b55e6f39a50fd9550b8d2418b2e90b82c407fb6ef2be46b251

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:37:40 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
hc.n5KcAgwbsAVYNvW8A7kk3FOE5y1yR
x-amz-cf-pop
FRA60-P4
age
89714
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24949
x-amz-meta-git_commit
34df212
last-modified
Thu, 09 Nov 2023 15:01:11 GMT
server
AmazonS3
etag
"f455cf8683b4657607012d3c5ed3cd81"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
nNJGFhOwZErxlO1dpRkFRiXMzG2yZqi-bT348xwD-PzpcKSIEGilnA==
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame 3286 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 17:34:10 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
1119525
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
0zoL-R2bWYy0ySr4_jLeoRidhRrhVZZce6BXI3utas-i0WovEmg9zA==
b-5f40b44-9f6c1b2b.js
tagan.adlightning.com/saambaa-deseret/ Frame 3286 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/b-5f40b44-9f6c1b2b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6611a010c1c02623f19baee463ab2bd5d3ca94f8a6cd0219b243212fd1751423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 18:10:55 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
fP8PuZH8BatVq5HXfIsv4.6uZaG8ahhC
x-amz-cf-pop
FRA60-P4
age
3882119
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30497
x-amz-meta-git_commit
5f40b44
last-modified
Tue, 26 Sep 2023 18:10:17 GMT
server
AmazonS3
etag
"ee93a36c1860a5bf0ba3dd2972e0f548"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
nW3dHUbeAT1NssktR8xthyWUHjrnj_idHLdGrJfqy5o-KdnYRooPYQ==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 3286 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a6f6e4ac7d155fea1d1ed28140f66501f5e5a6dfdbf7e0709cc1f162afdc89f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10197
x-xss-protection
0
server
cafe
etag
15705160535763501209
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:54 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3286 		198 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63768
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:54 GMT
bl-34df212-770f4526.js
tagan.adlightning.com/deseretdigital/ Frame FBEB 		58 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/bl-34df212-770f4526.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74d01e8587e381b55e6f39a50fd9550b8d2418b2e90b82c407fb6ef2be46b251

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:37:40 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
hc.n5KcAgwbsAVYNvW8A7kk3FOE5y1yR
x-amz-cf-pop
FRA60-P4
age
89714
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24949
x-amz-meta-git_commit
34df212
last-modified
Thu, 09 Nov 2023 15:01:11 GMT
server
AmazonS3
etag
"f455cf8683b4657607012d3c5ed3cd81"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
5txQtAaJ7KqYol2lT5ofZrfFFx-xkoKrbRHoizj1QqTIAIGN_UO0Bw==
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame FBEB 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 17:34:10 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
1119525
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
XX_sx4BCC4W9mKPUErFro0qNjNYetlTIepM8n6IKjU1cKf9Qn-3img==
b-5f40b44-9f6c1b2b.js
tagan.adlightning.com/saambaa-deseret/ Frame FBEB 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/b-5f40b44-9f6c1b2b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6611a010c1c02623f19baee463ab2bd5d3ca94f8a6cd0219b243212fd1751423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 18:10:55 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
fP8PuZH8BatVq5HXfIsv4.6uZaG8ahhC
x-amz-cf-pop
FRA60-P4
age
3882119
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30497
x-amz-meta-git_commit
5f40b44
last-modified
Tue, 26 Sep 2023 18:10:17 GMT
server
AmazonS3
etag
"ee93a36c1860a5bf0ba3dd2972e0f548"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
IEGLkzEK4yOvEnPpQl4jMRofHGK3WQlKCJAhT9ngViYutOcWaEnCxQ==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame FBEB 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf8266c56e7ec88fa2267d3b3c8bb68a718a4fa09ae6add2ba0c83e0a515d9c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10190
x-xss-protection
0
server
cafe
etag
14960234835098531000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:54 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame FBEB 		198 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63768
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:54 GMT
container.html
d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2FD2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 16:32:53 GMT
expires
Sat, 09 Nov 2024 16:32:53 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=5&c=2719&i=7ezkt7&p=ksl-com&s=8776&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjI3MTksInB1Ymxpc2hQYXRoIjoia3NsLWNvbSIsImluc3RhbmNlSWQiOiI3ZXprdDciLCJwYWNrZXQiOjUsIm1vZGUiOiJlbmZvcmNlWgDyKG9va2llcyI6e30sImVudmlyb25tZW50IjoiVVMtRU4iLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS0APENaHR0cHM6Ly9pbWcua3NsLmNvbS9zbGMvMjk1NQUAFDcHAPElNTIuanBlZz9maWx0ZXI9a3NsdjIvcmVzcG9uc2l2ZV90b3Bfc20iLCJ0eXBlIjoic291cqEA8AVzdGFydCI6MTY5OTYzMzk2NjkwMqoAFmQUAGQ3MjA0MSwzAFE6Im11dKEA8Q5PYnNlcnZlckNMIiwic3RhdHVzIjoidGltZW91dNkAQGFzb27YANRdLCJkYXRhUGF0dGVyEgCwbGlzdCI6W10sImltAO83MDA4NzM5MzE1NzN9LAoBcx8zCgFtHzQKAQfxFHByZWJpZC5hLW1vLm5ldC9jY2hhaW4vMD9nZHByPTAmY2I9PwL2SiUzQSUyRiUyRmV4LmluZ2FnZS50ZWNoJTJGdjElMkZzeW5jJTJGYW14JTJGMjliY2NmNjQtNzU5MC00ZGE3LTk3OTUtZTgzOTAxNDdjMGZlJTNGdWlkJTNETQJiaWZyYW1lBQIITQJdNzIxNzdDATcxODNNAolpbm5lckhUTUQCeWJsb2NrZWREAmEiV2hpdGU1Ag9PAgkKJwAEWgJ_NzU0NjUzOFoCCQH0AyFjLtMCIG5vWwEBbgOPeW5jLmh0bWzuABIvODXuAAAfNu4ADVthbGxvd-4AD-MACQQyA882OTgzNjYxMjExODIoAgcK9wFAL3YxL_MB_wVQYWdlL3J1Ymljb24_dXNlcklkPf4BETsmdG9XAuNzZWN1cmUtYXNzZXRzLlMAcHByb2plY3SxBPAJJTJGdXRpbHMlMkZ4YXBpJTJGbXVsdGkthgABWgH_FyUzRmVuZHBvaW50JTNEdXMtZWFzdCUyNnAlM0RpbnN0aWNhdG9ygAESLjkwgAEAFAAD7gQvOiJuAgIPgAEnYDc4NDQ5MTgFD4ABB3FhcC5saWppDAHLL3BpeGVsP3JlZGlyRwEKpwELngNfc292cm6gAx1vJTI0VUlEOAETDukELzE5pgMODzgBJ685Nzk2NjUwODU1OAEIsGRzLnB1Ym1hdGljSAJBL0FkU28GQC9qcy-yAhVfQgKQP3A9OTUwNTQmFwDzAElkTWFjcm89UE1fVUlEJg4FEXB0AT9lY3R3ARkEfwAPegEdAnsAD3oBEw8yBAAfOTIESK85MDk0NjM1NzE3egEJQS1jZG4mBkBub3Jh0QcxZGlhhAEACgUBfQEGfAFCc3JjPYwGE18HAEE3LjI0awkDbAgPHwYHLjIwsQMoMjBsCA-xAzyfOTg5OTkzNjYz_wAKD3kCF_8Da2RudHVpZD0xJnA9MTU4OTc29gERLjIwcAM_MjA0KAZHnzc3OTU5NTkyNvcACPQCc3N1bS1zZWMuY2FzYWxlbWX0AQBVA-9tYXRjaD9zPTE5MjM3OVwIHC9peEEDHQ9FARMOWwg_MjA3RQFFcDcwMTY3MDbyBQ-1BAjxBHBhZ2VzLnByb3RlY3RzdWJyZXY4AwbRAF9mZXRjaCsJAT00NzS9BgEUAAW9BtJGRVRDSF9NQU5BR0VSQwACcwsPiQUonzI3NzE5Nzk0OQ8ECQ8QA08P-wABGTnLAZNzZXJ0QmVmb3JoCgL6ADpsb2EmCg84CRMFEAMfOPcAah4xBwQoNDf3AA9qDQsP_QAsHzcNBAgvYWQDBlceMfcCGjgDBg_8AToFAwYP_AEKD_8AVg8EAgEJ_wAPBAJCBAUBLzUwAQMzD4EJqB02fwIqNTJGBg9_AjsEgQkPfwIKD3IFFw96AaYfMvoCAAp6AQ_6AkMDgAEfM8YHCADMEiVpY3ITIGlt1gegL2F1dG9wbGF5XzQPRi5zdmfVBwOjBwEGEwgBEU42NzUy4goQN_YKAzMAD04TRb82OTk5NzY0NjE1M04TCA_pADoOyAUP6QBcDy0TCAvpAPYHYmV0YS9ub2RlX21vZHVsZXMva3NsLS8V_x4taGVhZGVyL2Rpc3QvNTFkNjY0YmM2M2U1M2YyYTQzOThjZjI2MDFhMzg3MDQLAhcOWRUPIgFRALoKjzU4NjMzMjcx7gUHDyIBcw4RCQ8iAVwPSRP1D80DAB8zFgdIAFcNAEkTHzSQCAgKIhMPyRTKDxwHATc3MzgRDQ8cB0IEhgEfNgYDCFBiZS5kdRUSAMgaACMQYG5ldC9sYhwQ1jExNTkmdD1TRCZjPTQdBwPgGgKxDggeB003MzMy-Q0CFAAFHgd_UkVRVUVTVPYOPI80NTkyODE0OW4CCA_oAAIBTxt_b3JzaGlwc-EAFA3gE0czMzI1yQEP4QBCnzgyNzc3NzAxOWUKCNB3d3cuZ29vZ2xldGFn9hhBaWNlc60QoGFjdGl2ZXZpZXdrFfcDY3VycmVudC9yeF9saWRhci5q-wBQc2NyaXDsGwxHHD04NDNZC0czNTYw-gAPwwILAHYUD0ccIYA2OTkzMTM2OUscD-4GBw_tGTINgBIvNDE6DEkF7RkP6AgID9gAMC0yMacIC9gAD7kBCw-WECQD3gAvMjCKEggPoxSwC0sBL2luXQ44AOkJD6MUDw9FAZ4dMSQGC0UBD5ACQPAANzAxNjcwNjc4NDUyfV19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:54 GMT
cache-control
no-cache, no-store
server
nginx
expires
Fri, 10 Nov 2023 16:32:53 GMT
bl-34df212-770f4526.js
tagan.adlightning.com/deseretdigital/ Frame B3AD 		58 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/bl-34df212-770f4526.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74d01e8587e381b55e6f39a50fd9550b8d2418b2e90b82c407fb6ef2be46b251

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:37:40 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
hc.n5KcAgwbsAVYNvW8A7kk3FOE5y1yR
x-amz-cf-pop
FRA60-P4
age
89714
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24949
x-amz-meta-git_commit
34df212
last-modified
Thu, 09 Nov 2023 15:01:11 GMT
server
AmazonS3
etag
"f455cf8683b4657607012d3c5ed3cd81"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
bfqdDJ1GusHZK75HrcMRaIV5UGRMCeS7xDLCopd0CEq3MSqbYmA3dA==
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame B3AD 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 17:34:10 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
1119525
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ucXbyjujM3wLVF5jxclg_KLJ4T-8lfpfTjT_bNPTdmMDGZotLtubQA==
b-5f40b44-9f6c1b2b.js
tagan.adlightning.com/saambaa-deseret/ Frame B3AD 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/b-5f40b44-9f6c1b2b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6611a010c1c02623f19baee463ab2bd5d3ca94f8a6cd0219b243212fd1751423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 18:10:55 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
fP8PuZH8BatVq5HXfIsv4.6uZaG8ahhC
x-amz-cf-pop
FRA60-P4
age
3882119
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30497
x-amz-meta-git_commit
5f40b44
last-modified
Tue, 26 Sep 2023 18:10:17 GMT
server
AmazonS3
etag
"ee93a36c1860a5bf0ba3dd2972e0f548"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
X93K7W9hKRqfblg_l_JE1rLWHoWiTG4B-yUHD9NtBZd9970pcAr41Q==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B3AD 		198 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63768
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:54 GMT
bl-34df212-770f4526.js
tagan.adlightning.com/deseretdigital/ Frame 4F42 		58 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/bl-34df212-770f4526.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74d01e8587e381b55e6f39a50fd9550b8d2418b2e90b82c407fb6ef2be46b251

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:37:40 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
hc.n5KcAgwbsAVYNvW8A7kk3FOE5y1yR
x-amz-cf-pop
FRA60-P4
age
89714
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24949
x-amz-meta-git_commit
34df212
last-modified
Thu, 09 Nov 2023 15:01:11 GMT
server
AmazonS3
etag
"f455cf8683b4657607012d3c5ed3cd81"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Aeri0fNsN4hNyWBYFzkVMZkqxYfA6tGqDKTdwYvQBjWAZDXVACigaQ==
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame 4F42 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 17:34:10 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
1119525
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
eYdZwQ1clCWNmews8EBoYbaJWGBq81hThx7y994p4sWUUn4vFbtxXA==
b-5f40b44-9f6c1b2b.js
tagan.adlightning.com/saambaa-deseret/ Frame 4F42 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/b-5f40b44-9f6c1b2b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6611a010c1c02623f19baee463ab2bd5d3ca94f8a6cd0219b243212fd1751423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 18:10:55 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
fP8PuZH8BatVq5HXfIsv4.6uZaG8ahhC
x-amz-cf-pop
FRA60-P4
age
3882119
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30497
x-amz-meta-git_commit
5f40b44
last-modified
Tue, 26 Sep 2023 18:10:17 GMT
server
AmazonS3
etag
"ee93a36c1860a5bf0ba3dd2972e0f548"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Y8Sa-fOpt7NcJwpPKyid8mL1MFv8-QISmS20mh_n2HPnIW2lzrx-4A==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4F42 		198 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63768
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:55 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 595E 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=917218608026602&correlator=2099944920312731&eid=31079443%2C31079519%2C31079522%2C31079523%2C31078015%2C31079527%2C676982996&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90j_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=11&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D844df475bb5eeae6%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_MYcLTca-AldOlRnbxNPEw1wJlqeQQ&gpic=UID%3D00000cbf89a7250f%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_Mbx_oj8txuoS4whmloLukh8SlDFiw&abxe=1&dt=1699633975010&lmt=1699633975&adxs=436&adys=154&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=zhze3o72ngqv&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&top=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AOrYGsmxcHBSAa0gXLEGnwXs9zEgEBGo3IUaaE2EdrkJawfTsCSPQXKwTgIFATrkxM284oz7-LaA8JRnLLM0cTAKmmh2RHft%2CAOrYGslXvOnDh56NVpmdHPtm3FjyinbRCFsz4GzvTB9FiudePqNP2oE8An0v3rNnshGs7fEMJe7J_VM1n55zOAmx4iaGloSh%2CAOrYGskLYzTFHcDyPVKwfA9Kebc6-BBHvERF_PNErNdUw0pwXcF5cDAHXXLk1sMcSLDm8olVhSP0zYt1mpMzhPrGlXjqLhfR%2CAOrYGsn9XWW1irmeZPXRrPFP6898OikeDOR03MqrHJRoK7rmGA1Gc5QXFCp_qXQEVhFSglQX2lF2HTf_erO4aAPeBKMTizHwvT1B6W4%2CAOrYGsnASuV1Y9gu3Ttaur8Xlcm6Mvn7N4leesOU7Fu8ImYkvVqh5zzrxw1CWfmdP-or2ENfmEV3CqA6ikdsAmztVEFQDELb&ga_vid=233581687.1699633968&ga_sid=1699633973&ga_hid=1249276230&ga_fc=true&dlt=1699633969881&idt=1901&prev_scp=Domain%3Dksl.com%26hb_format_bluerooste%3Dbanner%26hb_size_bluerooster%3D728x90%26hb_pb_bluerooster%3D0.09%26hb_adid_bluerooster%3D25643c826041fde6%26hb_bidder_bluerooste%3Dbluerooster%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.09%26hb_adid%3D25643c826041fde6%26hb_bidder%3Dbluerooster&adks=1601445237&frm=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36f0b69fae7f3869798bfca26483b4acbcef6c186c738e7c7069ee193eb63805
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12135
x-xss-protection
0
google-lineitem-id
5111853553
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274875424
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bl-34df212-770f4526.js
tagan.adlightning.com/deseretdigital/ Frame 2FD2 		58 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/bl-34df212-770f4526.js
Requested by
Host: d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com
URL: https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74d01e8587e381b55e6f39a50fd9550b8d2418b2e90b82c407fb6ef2be46b251

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:37:40 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
hc.n5KcAgwbsAVYNvW8A7kk3FOE5y1yR
x-amz-cf-pop
FRA60-P4
age
89715
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24949
x-amz-meta-git_commit
34df212
last-modified
Thu, 09 Nov 2023 15:01:11 GMT
server
AmazonS3
etag
"f455cf8683b4657607012d3c5ed3cd81"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
aPJGFVZBzYMwN5vbbh4xTIoShWl5O80JyP8ZhnhjnueDj_8jekJrNQ==
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame 2FD2 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com
URL: https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 17:34:10 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
1119526
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
lYfm7a2bCcTawBV5mkDI7WoFviWgHeMEWHatapWuZzSDKMuQlw_tqw==
bl-34df212-55892923.js
tagan.adlightning.com/saambaa-deseret/ Frame 2FD2 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/bl-34df212-55892923.js
Requested by
Host: d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com
URL: https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe9df01e92d9c0e137f7e221e560e78695bf9232d13aa143e391e2e3c7f09c7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 05:27:01 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
DMkld.kXgFy5aUWIrrKoFpKh4kqORKtG
x-amz-cf-pop
FRA60-P4
age
39955
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33029
x-amz-meta-git_commit
34df212
last-modified
Fri, 10 Nov 2023 05:25:01 GMT
server
AmazonS3
etag
"980667be13325f2e18c61e31bc23552e"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
RTbRanu1xFjFU4YeHoyM7E-BKC1-aSgt4Qjv_QkgApxvXy9lT86URA==
b-5f40b44-9f6c1b2b.js
tagan.adlightning.com/saambaa-deseret/ Frame 2FD2 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/b-5f40b44-9f6c1b2b.js
Requested by
Host: d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com
URL: https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6611a010c1c02623f19baee463ab2bd5d3ca94f8a6cd0219b243212fd1751423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 18:10:55 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
fP8PuZH8BatVq5HXfIsv4.6uZaG8ahhC
x-amz-cf-pop
FRA60-P4
age
3882120
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30497
x-amz-meta-git_commit
5f40b44
last-modified
Tue, 26 Sep 2023 18:10:17 GMT
server
AmazonS3
etag
"ee93a36c1860a5bf0ba3dd2972e0f548"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
E7nDNCi32E_zb83FpuHx-SKTReDd9EE9uThbJB4OlAI8U7owh4cO8g==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame 2FD2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/window_focus_fy2021.js
Requested by
Host: d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com
URL: https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 15:42:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
3025
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 15:42:33 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame 2FD2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com
URL: https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 18:27:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
79500
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 18:27:55 GMT
l
www.google.com/ads/measurement/ Frame 2FD2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ3OcoyjChSIuaFlal8YcKwK4IydmqYDN2i8c-s77E6XbcQA9aFNFTEweuNP2QOfqchFTPV
Requested by
Host: d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com
URL: https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2FD2 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com
URL: https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 00:22:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
144616
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 08 Nov 2024 00:22:39 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2FD2 		198 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com
URL: https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63768
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:55 GMT
bl-34df212-770f4526.js
tagan.adlightning.com/deseretdigital/ Frame 0429 		58 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/bl-34df212-770f4526.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74d01e8587e381b55e6f39a50fd9550b8d2418b2e90b82c407fb6ef2be46b251

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:37:40 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
hc.n5KcAgwbsAVYNvW8A7kk3FOE5y1yR
x-amz-cf-pop
FRA60-P4
age
89715
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24949
x-amz-meta-git_commit
34df212
last-modified
Thu, 09 Nov 2023 15:01:11 GMT
server
AmazonS3
etag
"f455cf8683b4657607012d3c5ed3cd81"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
JuDc6O2j1oZEcLyxL3UOaCiI51w_RGvSEtzGjURG6Lqp_rekTF7a1Q==
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame 0429 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 17:34:10 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
1119526
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
m0eph9gEsdLGAtH8jROqmzB2ptbpgVYi1a6nOr7nXj2EuHBNh56LYQ==
b-5f40b44-9f6c1b2b.js
tagan.adlightning.com/saambaa-deseret/ Frame 0429 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/b-5f40b44-9f6c1b2b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6611a010c1c02623f19baee463ab2bd5d3ca94f8a6cd0219b243212fd1751423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 18:10:55 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
fP8PuZH8BatVq5HXfIsv4.6uZaG8ahhC
x-amz-cf-pop
FRA60-P4
age
3882120
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30497
x-amz-meta-git_commit
5f40b44
last-modified
Tue, 26 Sep 2023 18:10:17 GMT
server
AmazonS3
etag
"ee93a36c1860a5bf0ba3dd2972e0f548"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
gzx0UD6fUuWZNWKogeEUKNkhLW3dqxhNO9H6kHHrzWn5bbu8H_0-jg==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0429 		198 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63768
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:55 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6281 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvw39iqKSHjCbLVjIqnrIxkmUuzS9iOHK9Nxbk9uUYlu7A3s3g_i-Lt53VHSNNl0WOY_vnWsnX9_0mB0owhaIKeO4dmPhJLYm6CxnpME1FX_2fF1BrpUr88TYmBsD3a785be6iUfw__4-SqLcLOwG5JqR61bMX5pWDKDNmWEppKeHXkQ0UFQukM2MQoVaLyDPdmartPXCO-F8kt4NmbSd9hPGNU026Oyv5XtK10gQrgQppAfmFU7bhW4YdZE-XVituS5Ho25ClA2pTpQsgDQquauD1YbBTRzPPPrxyYgWjaA7CFQHO6fmarNvMSNld1aqqpX5-c0e2CvOsK&sai=AMfl-YQJpTXPaBQr0_ABXZm-T-x4kof0MaRiAUGl5ARwlYJ8FO20dTWz7hyDvXYn-kpXtK0sRcQTVJOHAQf8gallRcgeOnRAdPQ19oFp_MJ_F1AFQ0O949tzGt7G454etEQ&sig=Cg0ArKJSzM2bhk3eVGASEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 6281 		149 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
470510879b39ebfff84ea4b9bb57666e669867ff52db845491fcd0d53865ee8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52509
x-xss-protection
0
server
cafe
etag
2088969081220923818
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:55 GMT
truncated
/ Frame 6281 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be5f8fa04be6b5a425a1b12e67c8348b9506478a962bfd11a37a9fa8e2705a9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
bl-34df212-770f4526.js
tagan.adlightning.com/deseretdigital/ Frame 952C 		58 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/bl-34df212-770f4526.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74d01e8587e381b55e6f39a50fd9550b8d2418b2e90b82c407fb6ef2be46b251

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:37:40 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
hc.n5KcAgwbsAVYNvW8A7kk3FOE5y1yR
x-amz-cf-pop
FRA60-P4
age
89715
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24949
x-amz-meta-git_commit
34df212
last-modified
Thu, 09 Nov 2023 15:01:11 GMT
server
AmazonS3
etag
"f455cf8683b4657607012d3c5ed3cd81"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
1jIEOuUJRqOMamT8JME_Iv2vP3NuRBL2UbvJ2Nqa3qfsXeX3VQ8pwg==
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame 952C 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 17:34:10 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
1119526
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
pPmvZi7CfXkqsUHuwq2cuUpNhYm7QUr-UdHHjPz2Agndk3IVRBJZRw==
b-5f40b44-9f6c1b2b.js
tagan.adlightning.com/saambaa-deseret/ Frame 952C 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/b-5f40b44-9f6c1b2b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6611a010c1c02623f19baee463ab2bd5d3ca94f8a6cd0219b243212fd1751423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 18:10:55 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
fP8PuZH8BatVq5HXfIsv4.6uZaG8ahhC
x-amz-cf-pop
FRA60-P4
age
3882120
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30497
x-amz-meta-git_commit
5f40b44
last-modified
Tue, 26 Sep 2023 18:10:17 GMT
server
AmazonS3
etag
"ee93a36c1860a5bf0ba3dd2972e0f548"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
lJnuCwMOJycYX31DqvAtTkL30yo57-a_qr0Ql7n7_EbadYX14dxG4A==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 952C 		198 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63768
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:55 GMT
bl-34df212-770f4526.js
tagan.adlightning.com/deseretdigital/ Frame 9D4B 		58 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/bl-34df212-770f4526.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74d01e8587e381b55e6f39a50fd9550b8d2418b2e90b82c407fb6ef2be46b251

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:37:40 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
hc.n5KcAgwbsAVYNvW8A7kk3FOE5y1yR
x-amz-cf-pop
FRA60-P4
age
89715
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24949
x-amz-meta-git_commit
34df212
last-modified
Thu, 09 Nov 2023 15:01:11 GMT
server
AmazonS3
etag
"f455cf8683b4657607012d3c5ed3cd81"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
zKfB-ZGq0C8pMqXwVrX_d1PGvl6F-nUOfz1SUUioWQmQpQ0mCPTqVw==
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame 9D4B 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 17:34:10 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
1119526
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
pG_NonpiRbee8_QMsgtJyP3XncFaEJH8h5X4TO1vi7bF1_8ek3UW3A==
b-5f40b44-9f6c1b2b.js
tagan.adlightning.com/saambaa-deseret/ Frame 9D4B 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/b-5f40b44-9f6c1b2b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6611a010c1c02623f19baee463ab2bd5d3ca94f8a6cd0219b243212fd1751423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 18:10:55 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
fP8PuZH8BatVq5HXfIsv4.6uZaG8ahhC
x-amz-cf-pop
FRA60-P4
age
3882120
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30497
x-amz-meta-git_commit
5f40b44
last-modified
Tue, 26 Sep 2023 18:10:17 GMT
server
AmazonS3
etag
"ee93a36c1860a5bf0ba3dd2972e0f548"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ttvtLoZrow7OgSzz_nw6w57YEICbwUEmb39WXBxttti2JBRQ3hYwxg==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9D4B 		198 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63768
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:55 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3286 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssoAvBOBPsFfJzZ8D7wO7nlOypIKyD-A75FPKLNdOt60_-MVwiWPRfI-bTqyRV2Mh-KlBNMYaz8mhTCDHwtPF7zxcZYpFnLPeb1PTEItO26SLMzz4S-FBXNJrzIstJnFZ4vXN_lcSR8e52jak1WIEP2oK_8ecoiyHvIzQP-bIuci2Cgnw3FRcTFgYxzGsiWO5NrorxmJFnsl3a43c8ZN9NwwA_xVWUnydSmUkUpwpycdHSwLaSu2PViKlPAmDpMHre8EeP-n5uuN7NFR8fT9sz2uq1ZPYiZhAnhj6QzsdaujT05DpKzp3_gD8hWhFONiqYcYUWUqnxK724XujmGF_gyJ4U_7ZRL0nUGd-iurUow&sai=AMfl-YTqgWKuvGBhjxpCj0t4L_Cxn-MtdQdFuq2OMv5tWVq-a9hJdmCTUmWxKSqI45RCWcdtYOKlzrJnMvxZxc4xmJm_U8TKNJImZ3VS9TQu8FQr3_Rumgy_8THxoiguY18&sig=Cg0ArKJSzMg3x9Gmvt2PEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 3286 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
133ceaab8eada4b31b23b7c71408d4be47c08987eab9a177848720e3cb6de8ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52818
x-xss-protection
0
server
cafe
etag
1533967570297883296
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:56 GMT
truncated
/ Frame 3286 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc1d7cefd1077f17ad9e854207f2979b451c72af9f12cc83f6d1518b9342c320

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame FBEB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1YENlx6CLG_lhXSTp20RE_Jn9S35rn5j8ef6M_Vq51lQMAzQvkxULAvvtx2EgWdyRvFED0xfw56KFQq_SXDlU48MZZYbRzYCFB_JAVrPSSm5JIffkA0c0k4M9_XD3MZljwU1hdWk_BYylNn-q38MevpQaAs7o3Jev5VMgvqLHhLH0GxFPi-k2w_dZxWIWT8m1EbOo6s54JtqNpLRMluK7smd2n9jXy2Ips2htR4Y8Y1rlkA4jkYHvDWFRqFnzSi4GKdSo-o1ofr2K0s2GZo8_GPqxgjhH1R8GU2BPerIpWUKwV3hrUEXnISVYOPr7EdjSWv2eEw7StDD44VgvPIakT9Sqp4CuqNp5kEajT8KXKA&sai=AMfl-YSs1sbMZK_W3BJLKqkwIcyVahIY4mL7p4Vx0tVNwzpaYC8CnXY_UzDGVRy97ZFOb_h2WbYM15TEFbs9nctblPIG7YUadHRb9n3Aj3m5Tc3tMxsV6Nv27haQbEWBZ0A&sig=Cg0ArKJSzH75A88zUaYjEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame FBEB 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
919c4bf5539c0cf7f9544d20bbacf612cddbb4ce49f88afc3a7bddb23c91c7ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52821
x-xss-protection
0
server
cafe
etag
328542528020511600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:56 GMT
truncated
/ Frame FBEB 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5dad1c01364bfd5e941690d76f1fa3b214d9b9c1edf61dc23ba68d249e95e788

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
publishBeacon
pixel.rubyblu.com/ 		0
350 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pixel.rubyblu.com/publishBeacon
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.230.100.254 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
254.100.230.35.bc.googleusercontent.com
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 10 Nov 2023 16:32:56 GMT
Server
nginx/1.21.3
Access-Control-Allow-Methods
POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
Content-Length
0
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-JW89DL7T5D&gtm=45je3b81v891939916z871929427&_p=1699633967525&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=233581687.1699633968&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1699633968&sct=1&seg=0&dl=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&dt=1.1M-pound%20historic%20steam%20train%20to%20return%20to%20Utah%20during%202024%20tour%20%7C%20KSL.com&en=Ad%20Block&ep.DDM_Device_ID=eea1iml9x93n&ep.DDM_Session_ID=utxhg93zmbl1&ep.DDM_Hit_ID=ldq938c1dxdw&ep.KSL_Member_ID=&ep.User_Pseudo_ID=233581687.1699633968&ep.Entity=KSL.com%20-%20News%2FContent&ep.Site_Section=News&ep.Site_Section_2=Features&ep.Site_Section_3=Historic&ep.Template=Article&epn.Content_ID=50775684&ep.Title=not%20specified&ep.Content_Source=internet_team&ep.Content_Team=original&ep.Content_Topic=transportation&ep.Author=Carter%20Williams%2C%20KSL.com&ep.Time_Posted=2023-11-05T11%3A40%3A30-07%3A00&epn.Word_Count=559&ep.Has_Video=false&ep.Event_Category=Ad%20Block&ep.Event_Action=off&_et=2706&up.User_Pseudo_ID=233581687.1699633968&tfd=11131
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/ensighten_news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E7EA 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.9.91 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=119372
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 10 Nov 2023 16:32:56 GMT
expires
Sun, 12 Nov 2023 01:42:28 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2996 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-226.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 10 Nov 2023 16:32:56 GMT
ETag
"623de86a-cf34"
Expires
Sat, 11 Nov 2023 16:32:58 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Akamai-EW-Subworker
8096267
isyn
prebid.a-mo.net/ Frame 8C1D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Fri, 10 Nov 2023 16:32:55 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
beacon
ap.lijit.com/ Frame 16AA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13401719
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Fri, 10 Nov 2023 16:32:56 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
usync.html
eus.rubiconproject.com/ Frame 31CD 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 10 Nov 2023 16:32:56 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pbcas
ads.yieldmo.com/ Frame D152 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.169.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-169-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Fri, 10 Nov 2023 16:32:56 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 9C9D 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1118
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
823fb1c2192e1c09-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 10 Nov 2023 16:32:56 GMT
expires
Fri, 10 Nov 2023 20:32:56 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
x.bidswitch.net/ Frame 595E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=d895ada4-f3f6-42f9-a3c9-0e0155e2744b&google_hm=ZDg5NWFkYTQtZjNmNi00MmY5LWEzYzktMGUwMTU1ZTI3NDRi
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEE3DzKvWwrdtD8SsxPcPFhI&google_cver=1&ssp=sonobi&bsw_param=d895ada4-f3f6-42f9-a3c9-0e0155e2744b
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEE3DzKvWwrdtD8SsxPcPFhI&google_cver=1&ssp=sonobi&bsw_param=d895ada4-f3f6-42f9-a3c9-0e0155e2744b
Protocol
H2
Server
18.184.214.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-214-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEE3DzKvWwrdtD8SsxPcPFhI&google_cver=1&ssp=sonobi&bsw_param=d895ada4-f3f6-42f9-a3c9-0e0155e2744b
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
359
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 595E 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=8b725e5cd3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:56 GMT
server
Kestrel
content-length
70
content-type
image/gif
rtset
bh.contextweb.com/bh/ Frame 595E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=e1ccfa44-3b45-423b-807b-32f2c7364f55&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=a1RPSUoyaVBuRmNJYktiUFY1SURlQQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEOqeJHxLtuAAZdXbaR1ktkg&google_cver=1
49 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEOqeJHxLtuAAZdXbaR1ktkg&google_cver=1
Protocol
H2
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-7gjgb
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEOqeJHxLtuAAZdXbaR1ktkg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 595E
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5144588527380379815
49 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5144588527380379815
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:56 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-198
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5144588527380379815
Date
Fri, 10 Nov 2023 16:32:56 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/ Frame 595E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=gVTAiOMn0WWeadP1g58M&pi=sonobi
49 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=gVTAiOMn0WWeadP1g58M&pi=sonobi
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:56 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-198
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=gVTAiOMn0WWeadP1g58M&pi=sonobi
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:56 GMT, Fri, 10 Nov 2023 16:32:56 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
bl-34df212-770f4526.js
tagan.adlightning.com/deseretdigital/ Frame E704 		58 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/bl-34df212-770f4526.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74d01e8587e381b55e6f39a50fd9550b8d2418b2e90b82c407fb6ef2be46b251

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:37:40 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
hc.n5KcAgwbsAVYNvW8A7kk3FOE5y1yR
x-amz-cf-pop
FRA60-P4
age
89716
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24949
x-amz-meta-git_commit
34df212
last-modified
Thu, 09 Nov 2023 15:01:11 GMT
server
AmazonS3
etag
"f455cf8683b4657607012d3c5ed3cd81"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
wqYIfhBkoYcrf6RWdV0gEND6O-xZspVy5_rRGWUsvPQEXnaW5UFzmA==
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame E704 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 17:34:10 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
1119527
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
4niaHcq-6wYGRf_yMME6fRH4bAZBxItTfESfjSrKYxNdxI5ag0U88g==
b-5f40b44-9f6c1b2b.js
tagan.adlightning.com/saambaa-deseret/ Frame E704 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/b-5f40b44-9f6c1b2b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6611a010c1c02623f19baee463ab2bd5d3ca94f8a6cd0219b243212fd1751423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 18:10:55 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
fP8PuZH8BatVq5HXfIsv4.6uZaG8ahhC
x-amz-cf-pop
FRA60-P4
age
3882121
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30497
x-amz-meta-git_commit
5f40b44
last-modified
Tue, 26 Sep 2023 18:10:17 GMT
server
AmazonS3
etag
"ee93a36c1860a5bf0ba3dd2972e0f548"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
6AO5hpdJdmFN9oalbfySELwJXXUlJ0zYKe3Fimn13dLKJBMh-FjtjA==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E704 		198 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63768
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B3AD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1nhvja76EWVet9JtapchNfMLB5xyNRTXpmLfGEyBxCEdy3uoCkS6kiDseEE4dC89CE_Tv461ArtogWUfsglYh1DxKzXVPhW5e1c6q2QjFCC4hlhcko3g8inKSl1p4odNtUpowbzNg0BrhPpJ2H8EsYSLqJsxaPsiNQOCHbL6cmX_FM3pjdvJszXUMx-m7GQIfpQM1R8DMkmXJl6ESRbOfjg4Bpf7MvNVMTl2m2cFUEZ0-4k46CCG511516JdiCb7hn0FYIeeyRVMiYe1z8tyNNMnKDK100ZGCj0AuBuVoQlVE2oYAkcg9qOzlpfeJA1w-zGhycJtSLkw9NC7Etxj4caCcJIW8acYUlVu6ihFf-NZ-&sai=AMfl-YQVtD4jSBbdQ3sJ49f7Cc7MF__kCBUvVtmJk2yJCloUzEgQO8Z09l1fU3U9fQdgf3pS-HQdplFyO2ltl99Nou7fwRHOzjbkyH4SlBPtIJADuC9N25qUtxnuZgSwM0s&sig=Cg0ArKJSzNaAw7Q46jxtEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame B14C 		261 B
122 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNX4YcD2Y9JqArwyDe9bmSdnRGKT4R-ddOTwcO8gXWSr_0SRawYhKEM-iZUMwYFGnywu47zsnM2wuNS3kZZ-kJSOaoe3GATe-4WcjPuoeNFn3fB4vDHofmTLHmUcEVy7iUwdCqJHPCapOQwKjJmYh3iuj5VvZ6-QLfzFz2BwZHstsBKO55s
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 16:32:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame B3AD 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:57 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B3AD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AV96FUDVigSy_xv3o18JErYBoHDZrJBKv2R16nVmw2MtFKFuE-mTGXtImFmlfhyV9_T9okpLxLhCEYGrimwc-h19p-Nes_Iv4ticCHX7IIYueyd6A
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B3AD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15390979966230577251&x=8&ct=76
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4fc68e54-fd12-47ed-9c33-ad88a4c4bbf2
beacon-ams3.rubiconproject.com/beacon/d/ Frame B3AD 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/4fc68e54-fd12-47ed-9c33-ad88a4c4bbf2?oo=0&accountId=25230&siteId=476778&zoneId=2832542&sizeId=2&e=6A1E40E384DA563B27EEF646190C8657D54FE93654DDA3D8498B417F08F2E0074101EF54E91B2D61340DB0FABBD1FF48C1EBE65E7377AC8D0727A8D02EB4504DDDE28D3E6223EA321A6D8B99F4CEB70FC5F90AEB777B3D1CCF512491E4D0A055A04FB51E52244DAF68ED8E116E6010D738E60E4DBC3D0081BF29557607232B4D4E6FC96756E5E571055D7D4F346FF97BB3EFF3B455C3B53288D237DC4DCE7359B6C4E6ACE66F74FF9803637F6CDDA9D14B0577E9E3795BC5CDA10306204D320B
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:57 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4F42 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjste4N5nZuic1rUauW_mht_zyi9Mn32x8AO5v5CY_lAZ2jQwLyCj1lQEjXrmbb1zKbatjKLqQX_1WcnQbpmiGJYAjNJyujorYv-w5YzcMV_Zc_CXk_9EFU9r5qECZna9S9iXoNJo5BVLKA6gbnPL1iB6cfLwYRFBqU_QyLtARNX7KxvswgwLMJjRnZJxKDQ6Ivk6f9_WGKzeZ-rt3WYlHr7qoMLQlwPGHSsKacU6Asxh2-s9-rZAOfr0NskT1y2cGnEAGKVAqGgDWG7HRZjKuueQY5FHn7mxp2RZly0jiue8ct10CXJyClAREK3pAEnX2J2KqYg17NPHb_MZbAV9LsCHRZzvCKZ1eu3bbKZQcDhnmrlh&sai=AMfl-YTLC22qQ_hGaLIMpPbpQLH72pen3bKvOWSJWlAuFD_1Ror3eXYGy08pCCCy1rUCNL65DutnbhGVjJ5IMrESJowbhb4vjrToGSPJfcRQdtIuGddXj8b2jrAcV3zyZpM&sig=Cg0ArKJSzLBxgeKPM10rEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2FB1 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNU3Ex7r0KD8SYpB0cWRwkr76QH6CTpNrT8ZzebPpOtvXU4zoLySosh7PJJFTW1ZsF0dVB8jbs_McFDoCVtbvk1LY4ucotZfOugtxJYBRAynO21XkpRYcJ4nyInACAEUnHwSs4nAbdTX67hzwKiUtinIDIGBrHs0dyPYXud4jwxVZie4BNU
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 16:32:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4F42 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:57 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F42 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D5WKwmaHdqoHyzFEVJl1ZKb-TaO9hX3-kd86keDW1rNLiZla4UoSZR3_sI6TgF_8Y1wyUi9LUcxCjDHE8vOUksbbZWKOrLzelTOKCOPqJI58tdBpo
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F42 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14322882442262221011&x=8&ct=76
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
74c6c931-f837-460d-abf0-5808433db3c2
beacon-ams3.rubiconproject.com/beacon/d/ Frame 4F42 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/74c6c931-f837-460d-abf0-5808433db3c2?oo=0&accountId=25230&siteId=476778&zoneId=2832542&sizeId=2&e=6A1E40E384DA563B00F8316CF3E9BDBF1D6BB3BE83064A7195905979FB375CB57629D0C6B956743DFE23A178072B80C35ABF4BC26238BE18E1111CD54A087185DDE28D3E6223EA321A6D8B99F4CEB70FC5F90AEB777B3D1CCF512491E4D0A055A04FB51E52244DAF68ED8E116E6010D738E60E4DBC3D0081BF29557607232B4D4E6FC96756E5E57154A9AFC225B4F1A8D9667F87E9D430C907EBAF0AB7BF4C19107DE0B60919C239C57AC3B6D82DF5AE2FF34614ADAD5F17CDA10306204D320B
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:57 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 31CD 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9508013aa8cb5143b32e62558f116c06a909d285eace78f4fe2b0a1f3e84fb83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Fri, 10 Nov 2023 16:32:57 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Nov 2023 04:29:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42873
Connection
keep-alive
Content-Length
13280
Expires
Sat, 11 Nov 2023 04:27:30 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ Frame 6281 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.ksl.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b35ddfc206dac8aa6c475d087df42b9406ed0981dce37108b308fc9701fecc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138481
x-xss-protection
0
server
cafe
etag
13259781363234604083
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:57 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/ Frame 3286 		400 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.ksl.com&bust=31079474
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc22246577cf202a2e00f654e4cf7ddda3532f497a09620d930176c38cf0bc8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138697
x-xss-protection
0
server
cafe
etag
7510229894132590063
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:57 GMT
r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=6&c=2719&i=7ezkt7&p=ksl-com&s=3095&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjI3MTksInB1Ymxpc2hQYXRoIjoia3NsLWNvbSIsImluc3RhbmNlSWQiOiI3ZXprdDciLCJwYWNrZXQiOjYsIm1vZGUiOiJlbmZvcmNlWgDyKG9va2llcyI6e30sImVudmlyb25tZW50IjoiVVMtRU4iLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS0APEJaHR0cHM6Ly90cGMuZ29vZ2xlc3luZGljIACiLmNvbS9zb2RhcgYA8BwyLmpzIiwidHlwZSI6InNjcmlwdCIsInN0YXJ0IjoxNjk5NjMzOTcxMjQwiwAXZBQAsDY0NTEsInNvdXJjPACycmVtb3ZlQ2hpbGRBAMB0dXMiOiJ0aW1lb3VUAGByZWFzb26yANRdLCJkYXRhUGF0dGVyEgCybGlzdCI6W10sImlmAM84MjkxNDk0Mjc2fSzkAFQfMeQAZh835AAH0XBpeGVsLnJ1YnlibHXAAQNqAmdCZWFjb26-ATVlbmQUAAzCAU02NTE23gABFAAFwgH4A1NFTkRCRUFDT05fTUFOQUdFUskBYGFsbG93ZdwBD8kBHa85NDMyMDE1MjIx5QAH8wJyZWdpb24xLmFuYWx5dGljc7sCAfAA8CxnL2NvbGxlY3Q_dj0yJnRpZD1HLUpXODlETDdUNUQmZ3RtPTQ1amUzYjgxdjg5MTkzOTkxNno4NzE5MkACRCZfcD3KAtM2NzUyNSZnY2Q9MTFsAgDwACZkbWFfY3BzPXN5cGhhbQ8A9QI9MSZjaWQ9MjMzNTgxNjg3LkAA8BE4JnVsPWVuLXVzJnNyPTE2MDB4MTIwMCZ1YWE9JnVhYgUAMGZ2bAcAMG1iPRgAEG0MABFwBQAQdgYAxnc9MCZfcz0yJnNpZJgA8QI4JnNjdD0xJnNlZz0wJmRsPccD8AElM0ElMkYlMkZ3d3cua3NsDwHxMCUyRmFydGljbGUlMkY1MDc3NTY4NCUyRjExbS1wb3VuZC1oaXN0b3JpYy1zdGVhbS10cmFpbi10by1yZXR1cgoA8g51dGFoLWR1cmluZy0yMDI0LXRvdXImZHQ9MS4xTUYANCUyMEgAMSUyMEoAMSUyMEwAAAgAQm8lMjBQAAQOAHJVdGFoJTIwVgAwJTIwWAABHADgdXIlMjAlN0MlMjBLU0zDAPQdJmVuPUFkJTIwQmxvY2smZXAuRERNX0RldmljZV9JRD1lZWExaW1sOXg5M24eADBTZXOVBQAfAMR1dHhoZzkzem1ibDEfADBIaXQbAMBsZHE5MzhjMWR4ZHcbAKBLU0xfTWVtYmVyHgAAEgCwVXNlcl9Qc2V1ZG8TAA_jAQKjZXAuRW50aXR5PbEA8AYlMjAtJTIwTmV3cyUyRkNvbnRlbnROAIBTaXRlX1NlY3wFED0fAAwVAL1fMj1GZWF0dXJlcxsAMzM9SKoBABsAolRlbXBsYXRlPUHeAVMmZXBuLmsAAKoABOsBASwAgGl0bGU9bm90mwGAcGVjaWZpZWQZAAQwABFTlwUwPWluYgUwZXRfCQIIIADZVGVhbT1vcmlnaW5hbBkA4W9waWM9dHJhbnNwb3J0NQYAIADAQXV0aG9yPUNhcnRl0AGpV2lsbGlhbXMlMtgB8R5wLlRpbWVfUG9zdGVkPTIwMjMtMTEtMDVUMTElM0E0MCUzQTMwLTA3JTNBMDDiAOBXb3JkX0NvdW50PTU1OWsA8ABIYXNfVmlkZW89ZmFsc2UTAOtFdmVudF9DYXRlZ29yeTwCAh0AEkGEAf8Bb2ZmJl9ldD0yNzA2JnVwLu8BESB0Zg8EIDEz1gcECgcPTAULLjI1TAUAFAAPTAVMzzcwMDUwNjAxMDQyNUwFB4BhcC5saWppdGoDES8-Bms_cmVkaXJTBPALZXguaW5nYWdlLnRlY2glMkZ2MSUyRnN5bmMHAPYrb3ZybiUyRjI5YmNjZjY0LTc1OTAtNGRhNy05Nzk1LWU4MzkwMTQ3YzBmZSUzRnVpZCUzRCUyNFVJRJEGYmlmcmFtZUUGCU8ITDIxOTNBAUc3Nzc4TwizaW5zZXJ0QmVmb3JCAA9QCC2fOTc5NjY1MDg1OwGrLzIxOwENIm11twOiT2JzZXJ2ZXJDTIMBD0EBNR83QQEID3UKE_8BLzIyNS9ydW5uZXIuaHRtbDMCET80ODczAgwPggo-0Dc4NDA1NTgxNDZ9XX0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:57 GMT
cache-control
no-cache, no-store
server
nginx
expires
Fri, 10 Nov 2023 16:32:56 GMT
m
ad.yieldlab.net/ Frame B14C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEGjIps-fTvXCrFY6BI3qfpI&google_cver=1
0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEGjIps-fTvXCrFY6BI3qfpI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNX4YcD2Y9JqArwyDe9bmSdnRGKT4R-ddOTwcO8gXWSr_0SRawYhKEM-iZUMwYFGnywu47zsnM2wuNS3kZZ-kJSOaoe3GATe-4WcjPuoeNFn3fB4vDHofmTLHmUcEVy7iUwdCqJHPCapOQwKjJmYh3iuj5VvZ6-QLfzFz2BwZHstsBKO55s
Protocol
HTTP/1.1
Server
23.211.9.5 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-5.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Nov 2023 16:32:58 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Thu, 09 Nov 2023 16:32:58 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEGjIps-fTvXCrFY6BI3qfpI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame B14C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEDmAL7mR5GfOyj-p74tXLiI&google_cver=1&adform_v=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEDmAL7mR5GfOyj-p74tXLiI&google_cver=1&adform_v=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNX4YcD2Y9JqArwyDe9bmSdnRGKT4R-ddOTwcO8gXWSr_0SRawYhKEM-iZUMwYFGnywu47zsnM2wuNS3kZZ-kJSOaoe3GATe-4WcjPuoeNFn3fB4vDHofmTLHmUcEVy7iUwdCqJHPCapOQwKjJmYh3iuj5VvZ6-QLfzFz2BwZHstsBKO55s
Protocol
H2
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:58 GMT
last-modified
Thu, 11 May 2023 07:25:22 GMT
server
nginx
accept-ranges
bytes
etag
"645c9862-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEDmAL7mR5GfOyj-p74tXLiI&google_cver=1&adform_v=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame E7EA 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=3933481&p=161763&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:57 GMT
content-length
0
async_usersync
ib.adnxs.com/ Frame 2996 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:58 GMT
an-x-request-uuid
70428a35-a175-4427-b9db-21f0dd66bb6d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
185.213.155.177; 185.213.155.177; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 3B23 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ksl.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d9d4384d3df7f7bc78e6a4ccbc9401d1be1d37bdddec58a7b489bdb44d95145

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
823fb1ca7b9f367b-FRA
content-encoding
br
content-type
text/html
date
Fri, 10 Nov 2023 16:32:58 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=foqS9SWcf1GalQGrcqi9w%2BHfJYa2Ze1oYydKBxx8ZQA98mOSlvrvGAR%2FNvIAu44OyaEsYaS0yHk6xdWZZdwu2ffOIlpvlluFePsGrZd7s2uU7MzQ1iy%2FfAfsF9QbLx1lhtL0VzvQWPOp8A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 0429 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8alvns8aHjLWrVuFGOq3ue5rogrqk4oFokv5x27IDL6P3SywVMN8YJdckE95ElbRYgacULFPu40AHt32qy8MgGMp_smqtFx2_kvt9URmn0EcACgH1Tx4ca3exW4cKkUmH5SAHYynZDDG2s1il_1bqcgbNQLHgcIXnjqGDThRwe4nGaY1zL38bPlKeeXnXk_d03nDRIuznsaVGjhn0U-fa8OzlQn6--puATSWevNYphRXyDgEbJThrxRcpSoovaeMnNkU1VaOPkjA4Jt4Z7KoedS39cdSGZOIMGjK5qmYppIkn69lBkbUnnTGb2VRDVI6EFhyhtWK_zEbjuAoChhYu7g2zauAm0BMCgmiVkz0Ghg1y&sai=AMfl-YRg18-jYZDV5lr17Ma5tfkoxedkPSI-K1s55kjg_j_gMGDE5B4JsX6ZtH5SEqMpQet0w-IHViZLhhiHDqRJJDqqjXfWgh9dB18kD34_AQlOAppqIF5UrZhIZcSTtfc&sig=Cg0ArKJSzBdwbabG5UrnEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0B7D 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNUTQTuAQfc0Fz5HSHUgNpusmupoIjr1jiq0SRcyAmxtyKPRlf7ore6jGM8kK3f50E9XK9OBX1MtarN52W2Mxr7hB568ajIWYZMvSO5iGrRK0_uQ9caehawDldTUnYKCdrZW90ptnmoj4oYfty2NYoD_xOMHZ3g0MHgC_IqCPrSxCFN67uo
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 16:32:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 0429 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0429 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AuRbsMJqRJUZrW9EKX_5_JUocwVpQSKZ8kManm6cmmaZIUxLaK3AL3tTBmJJX0_lBteUCnUMQCCMG8u-DxrgZdhsI-ExWMZl557EgK9w8WWTCxDxs
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0429 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8991302715973075023&x=8&ct=76
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
011e0055-129e-4077-9141-3d98006e82ee
beacon-ams3.rubiconproject.com/beacon/d/ Frame 0429 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/011e0055-129e-4077-9141-3d98006e82ee?oo=0&accountId=25230&siteId=476778&zoneId=2832542&sizeId=2&e=6A1E40E384DA563B030DF9C1B5DDF8C7234256ECB1F52B996F879B7EAFF9670BD8C8A3A30743D5997ADB6568DD271BDC7A3220A15E3EC91DCA3AF3ACA4FC7624DDE28D3E6223EA321A6D8B99F4CEB70FC5F90AEB777B3D1CCF512491E4D0A055A04FB51E52244DAF68ED8E116E6010D738E60E4DBC3D0081BF29557607232B4D4E6FC96756E5E571ACC5B019AE2034C1508E4E3EBBE94F25DF478F6B064DC441D99DAF39D892D702D89887A343A73B6142A036B52D70030DCDA10306204D320B
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:57 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/ Frame FBEB 		400 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.ksl.com&bust=31079474
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc22246577cf202a2e00f654e4cf7ddda3532f497a09620d930176c38cf0bc8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138697
x-xss-protection
0
server
cafe
etag
7510229894132590063
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:58 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 952C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdLQlI_UeD4sv65PuFXhXVjsXIzVNi5y9Y-LdrI2X1kDjRXrFGso4ddBrmaj3KFB6KLByTIpQGm5xAJWJ6ls-O-LkM6TgfxgI_yHTb2Kuh00unewtfmJWQMElNhI9g0CvMsv7O-bsuPUw9cuTb118iUQMwDNPp_IzOX9-SyXN4zbvN1cTbfa25nNcPQ1MiqYZa-q5qwSYl-md3U7zGNh4H28NcQ8O8xc8XZaUDwadachGgP2PcvaDV-PrSN5yUDqLH0MDZoYsOJAf52gDBErDAJQyMxOf_34uoNkZBzyswmThEzSAPnzL0eaiTOp9Tjw6ZTJnjwwM3r7EjRnM&sai=AMfl-YS_vbAVKbhgj-upyXzI7oSWvYasCacW6hGYKd_eF0-4yg9mJbZH9UTw5Q4MfF3dOwrjPdL-NKxvIQeYYDrVJtpJPb-DiMYgWbRsE5T0sC4osD6rO6XxJFmoqkhC-JI&sig=Cg0ArKJSzC5KEBzV7qy-EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5E90 		552 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNXBd0Swzb6FhTMN9I0ZcdI-MoasU02ayK6JPxwT1vdnDJKJHXtB7S-C6f2bkiROdFD3aEuLb-O-Z_mcHeelQBpRFJ3QXhCeA2KO8RL1Vsksy4a7VoZG5O80ZG1XBYTZiWEDpRWEnvWZrpPj-id6lS8dsML5rqr7_H5AM8owmItEzMNPJmY
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3dad89bd01783443195a892365b91096da2f6ebb36b2169ab32af37344c82f1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 16:32:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 952C 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 952C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bds3RxiECeUpSZeHFqE8nXivEgc7864UkaXEAzVdH9va5BdRVy9sLcBO0NX3jKG6pg0xVIfNYgLZ3pEVS13gFjJQOOdBXRG6G6rCnv0bdVAm5HvCY
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 952C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7120551725912834124&x=8&ct=76
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aacdd4e1-d81b-4e23-9dc5-6174c97a85dd
beacon-ams3.rubiconproject.com/beacon/d/ Frame 952C 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/aacdd4e1-d81b-4e23-9dc5-6174c97a85dd?oo=0&accountId=25230&siteId=476778&zoneId=2832542&sizeId=2&e=6A1E40E384DA563BCD853A36AE596889E3C836740E5053F435861F0933BFB1B36F0D763BC441C0BCF273672D4515250CB8B520C6696685692B59B752A9A84852DDE28D3E6223EA321A6D8B99F4CEB70FC5F90AEB777B3D1CCF512491E4D0A055A04FB51E52244DAF68ED8E116E6010D738E60E4DBC3D0081BF29557607232B4D4E6FC96756E5E57116BA08600A6001DB1BB760F1348174B515D0A84EBC60DCF24080C862319E6E44247BD0E74615B2E94E283C4F36E4DFECCDA10306204D320B
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:58 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9D4B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukPXdQt6GDVLEAr0hcWkF2RnlJHXcyWm5NmSHkLWapULJ9Qx8JpcLKadcWurA91wG3ZMgZ9EptKEN162fYnWZUmyEBdzLIbmq9KlndiIGL9m7iVKwvRm2Z2mmstmQotwPT5LLYf4Jhb4OEyU1CY2mF70DbbnKjWoRrpq4veNXPBeYPERge0wyAo9D-kydKgqQMpe-2QAcyNXUgXl19O4dfa6KjYM48ds51V656gyk7bqxM0kIcWIX8ZC8NHiyCFTSR5BgiWNJZ7051-l0swsPpHKZBx765Z-c56oY6-GCf3L84fnA9ak7rjDVrOFwoRfNwY5wF4FsKayi2_I8&sai=AMfl-YRA1Fw_guiJ6Q5ybskhWdEh5a_NWvTjBCxkP-kKBbn4TNkc-Thx1DpIhSrJ_Ljl1RoGm_upZlOPkRw1f6u1olBFwzGIwPFX_Y6i_oV0ZH87WD9rNF7iZsWAODF5g1Y&sig=Cg0ArKJSzFKhdG7uwuVrEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6F3E 		676 B
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNW88wyuiYRiK50e18lDI3KNJhWgyK5tkx5HOUay8kgw8ihucUspKnd2I0WINByZnJjhH9QM2pYvx5WlxBqbu2zhdq2FMB9-qp3HZMwyhN1Y-5ABUdaVWdPyPbAlvZAw2FF0IDSsYxM24dfoX5ciZZVT66CVOfKfc9SwJpmldbOTBXNmoLc
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e744a66257c7c975261db63da2cc0b344ff2a82621849aea8c8c7019337df51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
267
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 16:32:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 9D4B 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e192d9eeabf2bd704b031e2f4f97ba09750b0479987660b0e1cb1dfbd4f9bd85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31503
x-xss-protection
0
server
cafe
etag
5200871800753437332
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:32:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D4B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DBweyxCrGbjAlnDaMB5fQW55ZMMEFZPyyVBdAFr05DpOHxxUPSzxLFg2t_MeOL1zz673g0enc3Bf95UICIxwkpXHiJCWLrb8pN-A5WxQcWHwcJ3Pg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D4B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3345948237545349565&x=8&ct=76
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cfc23507-1438-42be-9555-1ccc1ba34259
beacon-ams3.rubiconproject.com/beacon/d/ Frame 9D4B 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/cfc23507-1438-42be-9555-1ccc1ba34259?oo=0&accountId=25230&siteId=476778&zoneId=2832542&sizeId=2&e=6A1E40E384DA563B067D3C2F9B3606F1D6EC7396B6B65309699811325EF4BBB5366B74CA139A78B87275E4C880C162F20D4DB7A26C7F9E6BCB829AC26B817CB5DDE28D3E6223EA321A6D8B99F4CEB70FC5F90AEB777B3D1CCF512491E4D0A055A04FB51E52244DAF68ED8E116E6010D738E60E4DBC3D0081BF29557607232B4D4E6FC96756E5E57100FC55BB193C68516BFB07522B5A7ED02E4749711FBB5E4680F1D58DA3EE033B2D83E839D7923C1D2FED05D6A7195420CDA10306204D320B
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2FB1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc5RUAXI-FJYCXFgIzU1vE&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc5RUAXI-FJYCXFgIzU1vE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNU3Ex7r0KD8SYpB0cWRwkr76QH6CTpNrT8ZzebPpOtvXU4zoLySosh7PJJFTW1ZsF0dVB8jbs_McFDoCVtbvk1LY4ucotZfOugtxJYBRAynO21XkpRYcJ4nyInACAEUnHwSs4nAbdTX67hzwKiUtinIDIGBrHs0dyPYXud4jwxVZie4BNU
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XE%2FsHXW7oh%2BHIajVj3hcaaC8eTxf7shQcZfqRgWhqtVFfk17VKft1R5St51SMHS0EruJyUz%2FUJk4JLGNPt9lZbTcDxqSdVHV0rPm0KCxYAl0stiAkHaFxdFiYMH0T2p9%2FtwKcuwi%2FODdow%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
823fb1d4dbea367b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc5RUAXI-FJYCXFgIzU1vE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2FB1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZU5bNKWNMtQWX.mrcXnT.AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc5RUAXI-FJYCXFgIzU1vE&google_cver=1&google_hm=2
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc5RUAXI-FJYCXFgIzU1vE&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNU3Ex7r0KD8SYpB0cWRwkr76QH6CTpNrT8ZzebPpOtvXU4zoLySosh7PJJFTW1ZsF0dVB8jbs_McFDoCVtbvk1LY4ucotZfOugtxJYBRAynO21XkpRYcJ4nyInACAEUnHwSs4nAbdTX67hzwKiUtinIDIGBrHs0dyPYXud4jwxVZie4BNU
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pNFFeVI%2BHk1KJ0TV8I2UfIbvGKf14kj9FX3sWHVs9h5OAsO6acLhVeSRMMOpsF8Oqk%2BzsA9te2AmMzlVJjvC212E2GLZ2Ai%2BoAp%2FI%2B3tAqPkipEIlLj62vhWilMGMSQgzSlxJDAY79Rmow%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
823fb1d52c77367b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc5RUAXI-FJYCXFgIzU1vE&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 2FB1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBc8n-Zc8fAMdKQpl7iV_vc&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBc8n-Zc8fAMdKQpl7iV_vc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNU3Ex7r0KD8SYpB0cWRwkr76QH6CTpNrT8ZzebPpOtvXU4zoLySosh7PJJFTW1ZsF0dVB8jbs_McFDoCVtbvk1LY4ucotZfOugtxJYBRAynO21XkpRYcJ4nyInACAEUnHwSs4nAbdTX67hzwKiUtinIDIGBrHs0dyPYXud4jwxVZie4BNU
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
an-x-request-uuid
bc2dfe0c-fc2a-4e10-a0f8-67dcc90825bc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
185.213.155.177; 185.213.155.177; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBc8n-Zc8fAMdKQpl7iV_vc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2FB1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI2NTc0MjI0NTYxMTI0ODU1Mg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI2NTc0MjI0NTYxMTI0ODU1Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNU3Ex7r0KD8SYpB0cWRwkr76QH6CTpNrT8ZzebPpOtvXU4zoLySosh7PJJFTW1ZsF0dVB8jbs_McFDoCVtbvk1LY4ucotZfOugtxJYBRAynO21XkpRYcJ4nyInACAEUnHwSs4nAbdTX67hzwKiUtinIDIGBrHs0dyPYXud4jwxVZie4BNU
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
an-x-request-uuid
4a9d4fc1-df04-49c0-8a12-5751edcb542e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI2NTc0MjI0NTYxMTI0ODU1Mg%3D%3D
x-proxy-origin
185.213.155.177; 185.213.155.177; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B3AD 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1413021285963&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B3AD 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1413021285963&version=m202309260101&ct=76&x=8&cor=15390979966230577000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B3AD 		93 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bdt24oXs5W0WYqzCSOvOpMKaFUPEBzO5T1FkS9XPEOaRd_R2H7riPE7dn38VNORR6ta8wZqXyFcgaPA0nBn95amIsNJI6c2Az_g6nXqUjUSJU2wS42vMfYhgjXmFe1xBkDkb8DjVgGhUcZ2fXZNIfmuselDNGV8F3raaud4Avj9c7NqHQ&dbm_d=AKAmf-BtblqRqgC2fhl5CWe5-MCEgAUK7z2hIB55UsABSnRu1_ir5bjAGQg9OM_Byg1hnr6ocqRYZ-4ni3dPUIg5F7LXDe6dW2ibdOAwgVMv9G54gzX4ixb-S4Teun-u7ymXKwQhRfIfXBxWkdcY6ZBGOWZgG1Brmcz1tuWC-IuyyFntuvj6QUIOuVZ6Xtdkw-2D7mXRWMRztPOYmvk2HzDOheudRrQjKBNk52Rh9qF4sz4o-mlB_Jb78QcUvbCSaViC3SmLSzwBvq0TcBdphbGQ-WJGGGU2W7WA_hSGywIHjtdB2k4xu-WenQVY1bk1C4GssJrVSxZ_ABGd6LP1bFT94r2515g9g22uL2KAAxHjVaXXxHAqyr6GVWDwRQPImTnhvy7EcEfCUH5sbbSATEerQulweeT4fCrTX4N4iovOls6AmYFYZCSSN3CCsWxzht3upUfmF3quWY8cgdDh7A-mNzb_TFhvgkBTjW-gdEQJ2XakFtIr8V76bEpY4Wx6mUQhKswboDhzyxdHbTSSqCiWlgWVMAsvtLXrSwqG4RlbRh-Ogiet9Qq3E_MLW0tPz6PpIuKBW8TPoCDVRR9EmiaF3-okyLyC7LWnxcNkFIBymbvxUkKmHUgeBXoS-27d0ZMXRVhY2jb_UCgAV7qxtHkq6Km8zYOHF0NQYnUoSoQLr2Q6XJAZs73NHAHpM8io7slV-uQssF2c20yjYo0QT9lge5clBTedtNO-HHRhKxuzztX5yC0zpouTtTMTeHzpUAfTOrVtLSaWxxNRQ49Ij47jvIONsbSdvZOyYts9YPIlKPXwqa5LloYPyQIXGjuv7F2UndG_6PK0CqM-eFMM3O4pU2vcWPAtK-dbkxEBkBey5aK4C7Or3AtnOZDroGlYc1I3-IHJgXXZdOzt9gaya_KSJGoFI8Yg7oI1QIhSNLjVl0_TaEOY7d_yI6y0mnfM2gPBBmAXFpf3ulR9glt2PfiHfw5Nwr1JS0CXtBJ-rNwBM4s12iDOXj6vxaJazDZIyftAKL7EwlP8IXZaZvqMWSp1ow7Z66UGTkFUAn2IFs5fcNb84GUobKPqiIadJAHciwtMEurw4S7M0UvP54_sV6JpEps0Tuf7Yi1INFgowLylqcDU-EGskogagVteQJWGWXg-Suz8YCdMffenViZi4C54SgX1JEn65MysyRSEyO7t9iysY3B4HwcgLWp8kPK_K1MR6oWxCX8RyNYdQ3rb_rLnTot0NXnT5Z3Nw8SRhdm8Rtdmr8dNOZZmhsI3UWh0vPJp7fICF52Ur1hoUlS7mfSvI7Xicp47UZCcyqlgJ4_fz6TRPkdgRkVoPvxOplsWCLiX19MNNLHDieOLesoBd0VOfMevSTFCeJ49nDx0sEhaGEBbnpNDnMJWKlP2_JUSFER4FQo1HwHdfulI8FNeONvP39zkeKaqNiA2FDcJ7Pp7dUwPl9k5eePQbDLzbVB5FA3ttdc5vsZjXC43e-u7Z0VHPSE0mQEbdmd-td6EEr0qAS0M4kWLYXt1-gxjkNs-kAgSNl1I9c2FvPw2JZIix5R_gpjIU1zHc3CWh4oF8kqlSaEcxrXrKUC05SI5DMfNzxhGqnXF-tR8wUztyTsr3BdU2IuV1cB2lZd3ffY_gzOrV_4vNOwpG4RLAOAX5y28ym2h_5rJi6FuAWcVrVRl4aznm3I34xV_Gw06Mn_h--wXtLRIFloG5JaenYekUXctuue3U4LGnNTiLJtEkDttKL4nTwsKDczIRSKbFLhWfKEoqBoKDlwTBG43EygdN1P7ojqhgvLPxnWlHx-UxKaLU9tIaPWU14YHUU62wqByb22HIzTTXVVcKSfMijGhGEOOudVcP3dfyEJotIbe2fo7JdVZ8gvnH2Pdct0mT9YNW84T0MG0j_dIg1e9U2EPN9JD03c2py3mZwQWi_A6qJzz9M6c5Gxf_7Tmj-PFOe6WYfLZxx3wx8swP881e40QhySB3BUOgyA0NFcu0l0F9-F3n1tc0tyoHhqjrmaLHtcMIG3ocqnU3DZUBSIIeojrotSacf29zsv0anMWrVxwg-H3v9YPgGsQZS3ybBGbosa1iT8IiJtM1Duc8KMDLdkBG8gu6H92Z0aVHQ89kfVJpTx23jM-0S7AcMyR0zGDx6Qa-xJUcYQH-5GrZ1oHsKqU9pAkkB80XOyWWkf645WlnN72LghXTuqctIjlKoi_E7Z5X930E32pEvnnECeW7-_jkC_zC_bxSJjJFpsVzsQLIPiiJ9GgFBWUBDuWpBks77dLJ4ZMu4x20lksiE4Xy8ENAwuES9uqxcrK3DsROIzsoIO28c2vtA4TcYYnm00DlDQwE0yHI6evhCmW4tptnpH7belEIp_CKW2cVBn3_tu41ByVKDDp7ZszwSHDTmcZIxhwTtJL0bxZxyLBh19oWH1j8_AdLB8maoM2pB0xlGNK4DmyDl4Gt1959QfnqkQ9YcqvB8MbuxfDZ6OTnpXNwHnIr-UfDChBVmXOX6eM-aBeucEZfUZchbMFmx8sQKN4ZghM1B4x7F950MQXdopNfBjtg06l8fFDfEKjUDGPIcQtSeE7s4_o8Sse38muiLX2fQvMaFSxtjUocaXkjTTx9bV9K2mRxzWXR9XC5wL6viU9ADVKhBN9MakaiZG0DQat-zIOGBRsfbeg_oUMxp67jMkzvkVDL8jbqQkyEpInHSVzXA6QYlrTvlsP-eM5Ld9TeVlMjwcrnOYbP5hHMbd31yZG9p2H9D53yRrV5FdKr4EwWhAW4RhBDRqfAA6bqHz3zWSQ6qsa1e2Tla6Rc0K3bbW3jFMgNiYFKvQZBrGcx3uRz7bpG2pZAsgQLSxSmV6t1rt7nxnuBiirjvqBtowX3a-5tUNkSSbmuBanzGaG6uJcodrWWT4ajQZf5ytO-2uhhZa9uSk2qXpCgzCKFK27kqOC1NrXo-Vi7OctZaskwM78CBmj1yMjx6V5Qq-bsx8EseReuFmX8gCAlDJWg8OmisqWiFnpQYbmuQD-SEjedqfdS7Zp4zjD2PIDZZyX0xL2EsQIp488N_Wjgshs_jSFvZyCQZxD8KeK-9pmBhSYS85Xjh6f1ru-ES3ktWzxiUFMJ890F0u0mveLDCLzH1oc66sbKJ2pl9BpIrNWD58SPf2uWSMtNJadtVS8A8h7_onWSSG565j3YfcRO3Avh1VHGInEEeapbfM0ydBRCmJeV9vylIxhvNOjxtMEEfM2tB7OlDE373TnNgfGD_6jnkDG1RfCIZSnW-Itm3TnynLUwyt-SvAZUCAMq1-eCCrd2SlD-9OCFSvDtH4vIr3zR67CKbUV4UFz3rT8NsjmqzbfhlDUG1e3FW68hTN8MS01k5CcxOy5eFa_y3JI0w5q15KekRdcSufilp4E9kB_RnA6nWwRDWt2oHtWiSAv6end7UmINc1omZHPIzGl6EhUn6nKePSsnNC6lkMnvgpOGeaFZAQRhFfptYmexYmR9_Cv4bjU1dGKT78UIpKDYSyItkJ2qlHTbAzs16rsiU-pc6VTLeLVN48hySNQmWbeC2Kj3u239oQoYhvjA82D4RYZyTKIwsqOBd8El5XtXxhC4nEgJh6xzh26Q9ikQCVlMljlJHT3bMpnN44Muqqu459JzhZPatg9bCWX5M8XUm4R6wuItQwBVMvuHNA5SROUc1pEs6V5nwiPxx9nNSoV5lYIKYaRE0Jg_EqKx4V7aGM4OZQyf4VQPlJcJuczTy_gXa58-wv28wLB1wruGB5vAza_CGbidIfPdDK67v0tOD6pmu5yHXQ9kAMFxA4m0bFdPKp6dNjBWg4wG22JbyzfmS93ECBlRqNRRzR8BR7Auq9T7LX4XN-jIZPYoIYgJz3hHUu5qMRUiG-plFo_KRSnT8fM6BsCK-ryJQERDXM0iuiDF6aB_ZTM3D1nCMRk4klyP7xYQDhAVJoxoNeqU9vuN5XycDaBBrhygJAjl1kZSEnD995hAT59KBw6BOhsZMyziq_uqg&pr=8%3A2258C73E8AAAA152&cid=CAQSMgDICaaNE1EgeDkiZZTBrXr02Ol6HKIZuop_-WAmt9HQrm4SC5BnBdUY5_SQKYWWUvtZGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ds=l&xdt=0&iif=1&cor=15390979966230577000&adk=1864557551&idt=195&cac=0&dtd=12
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d80c07bdec49910118c437a0157160bafd217be0d9d36f59f820313739df05b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39633
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
31327
i.liadm.com/s/ Frame 3B23 		43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZU5bNKWNMtQWX.mrcXnT.AAA%261142&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ksl.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.140.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-140-116.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Fri, 10 Nov 2023 16:32:59 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
2
Content-Type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 3B23
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABxIU7KnLYAABPvo4Dr7g&expiration=1700843579
43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABxIU7KnLYAABPvo4Dr7g&expiration=1700843579
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ksl.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIq%2BpBGE%2BPFxQ%2F3P4zL7%2BQ0CYrNKgXEstzlCBnPveZ5T6UvWB74ZvVXH05ZGXDnAzT6SctGMp2m6AG3hg49HdrYKOltW9CWynJACWjrzF0%2BTgRJwwjDKFFZiLT18FpE9JGQNkApZ7kYYwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
823fb1d5bd3b367b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABxIU7KnLYAABPvo4Dr7g&expiration=1700843579
Date
Fri, 10 Nov 2023 16:32:59 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum.casalemedia.com/ Frame 3B23
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1699720379
43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1699720379
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ksl.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdP67yXZTXsQQ8Vjw3kdxqXjjIHzxPct7zFOI0%2FFT6apldJP8ZZXhUllRr%2BfFLT1L1PAZpnKFDHfs4Zb1psKW9eiGMerM9BfY5YuollR7Ra8NrzTeHQF%2BW9uLYAyx29zqCV4X0Rl"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
823fb1d6abc3bb71-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1699720379
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 3B23
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715358779&external_user_id=d11ecf12-2628-4170-a9d1-932852cb0ece
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715358779&external_user_id=d11ecf12-2628-4170-a9d1-932852cb0ece
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ksl.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okRumatsWZjfDQayK3m%2FCyE2S6VTJtAnQuwGR9DRlTWZuAXlQquiHbFcHsPdVN6eK8JFCSRSUWShyKzxpoSMeXSKOpTHgiIyEPuOJQtH47e9yx6USloMnAp0Ax5mkEFcATbZusRQpBaG6w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
823fb1d7b89a367b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 10 Nov 2023 16:32:59 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715358779&external_user_id=d11ecf12-2628-4170-a9d1-932852cb0ece
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame 3B23
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZU5bNKWNMtQWX.mrcXnT.AAA%261142
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=gVTAiOMn0WWeadP1g58M&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZU5bNKWNMtQWX.mrcXnT.AAA%261142
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=gVTAiOMn0WWeadP1g58M&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZU5bNKWNMtQWX.mrcXnT.AAA%261142
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ksl.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sqn3sD5cpO%2B%2BUKF%2BIInt7lcrMezPePoHdLyB9YjQe3WL6DcXQ53ZABB%2Fs7jh6mXe5cpeM0U%2FRIxElVjoRQit5WErIuFcTdFJxQreyXU0fxA9mqX4KZ4yLPJBS3Qpd0tG9DuPeE54%2BtOP2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
823fb1d6aef1367b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=gVTAiOMn0WWeadP1g58M&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZU5bNKWNMtQWX.mrcXnT.AAA%261142
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT, Fri, 10 Nov 2023 16:32:59 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3B23
Redirect Chain
  • https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZU5bNKWNMtQWX.mrcXnT.AAA%261142
  • https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=6d1d0106-ae9c-47d6-a7fa-bdf5a45a9c2c
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=6d1d0106-ae9c-47d6-a7fa-bdf5a45a9c2c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ksl.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BpWGcc6XvTUQe%2FnMwXoYvca7Z1WvJJKKkGAnRDcHPEueCwG1okTNkR6KIFw0rJPEsoFnXT4RnrslYQ8qaS%2FFaPyC0JdzIl%2BcW6PXOcxecN%2B7qKF3vLqd9zPMht7M5XCc%2FpNwL1NCRlg%2FxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
823fb1d7b89c367b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=6d1d0106-ae9c-47d6-a7fa-bdf5a45a9c2c
Date
Fri, 10 Nov 2023 16:33:00 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
sync
x.bidswitch.net/ Frame 3B23 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ksl.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.214.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-214-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
demconf.jpg
dpm.demdex.net/ Frame 3B23
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZU5bNKWNMtQWX.mrcXnT.AAA%261142?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZU5bNKWNMtQWX.mrcXnT.AAA%261142
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZU5bNKWNMtQWX.mrcXnT.AAA%261142
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ksl.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
52.31.205.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-205-224.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-008a98120.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Fri, 10 Nov 2023 16:33:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
Kl0uwGO+Qs0=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-1-v054-06e6f5928.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Fri, 10 Nov 2023 16:33:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
t3bN8ZwZTUo=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZU5bNKWNMtQWX.mrcXnT.AAA%261142
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
htw-pixel.gif
cdn.indexww.com/ht/ Frame 3B23 		43 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZU5bNKWNMtQWX.mrcXnT.AAA%261142
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ksl.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:59 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
58376
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
823fb1d69a8c1c09-FRA
content-length
43
expires
Sat, 11 Nov 2023 16:32:59 GMT
rum
dsum-sec.casalemedia.com/ Frame 0B7D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc5RUAXI-FJYCXFgIzU1vE&google_cver=1
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc5RUAXI-FJYCXFgIzU1vE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNUTQTuAQfc0Fz5HSHUgNpusmupoIjr1jiq0SRcyAmxtyKPRlf7ore6jGM8kK3f50E9XK9OBX1MtarN52W2Mxr7hB568ajIWYZMvSO5iGrRK0_uQ9caehawDldTUnYKCdrZW90ptnmoj4oYfty2NYoD_xOMHZ3g0MHgC_IqCPrSxCFN67uo
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtzOkkrEzsv95ibPXcXG53IEOL53R8s%2BwDj7Y8fF8ioZp7OR3l%2B17ygohPmOtAtV9T1X0tShR97H2JdIJIAQgJm9Omm2EWxuva33alfQltQCsYDumtnHpIKy2GrOCQ6oe6q8T8PAeyYLWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
823fb1d5bd3c367b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc5RUAXI-FJYCXFgIzU1vE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0B7D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZU5bNKWNMtQWX.mrcXnT.AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc5RUAXI-FJYCXFgIzU1vE&google_cver=1&google_hm=2
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc5RUAXI-FJYCXFgIzU1vE&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNUTQTuAQfc0Fz5HSHUgNpusmupoIjr1jiq0SRcyAmxtyKPRlf7ore6jGM8kK3f50E9XK9OBX1MtarN52W2Mxr7hB568ajIWYZMvSO5iGrRK0_uQ9caehawDldTUnYKCdrZW90ptnmoj4oYfty2NYoD_xOMHZ3g0MHgC_IqCPrSxCFN67uo
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jN3tq56rrqmQpKTSST6bNZKpPOBPFogaB3KtJLt1%2BMqeEaOieEaIoA7qQvRtopLQAnASkndoUgDISW3RlhyAt%2F%2Bp3rk6lUPOAfOzZiX%2B7c0LD1XhVzUEsuwoz9Nf0VA0CbEn91UCT1XwCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
823fb1d5bd45367b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc5RUAXI-FJYCXFgIzU1vE&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0B7D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBc8n-Zc8fAMdKQpl7iV_vc&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBc8n-Zc8fAMdKQpl7iV_vc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNUTQTuAQfc0Fz5HSHUgNpusmupoIjr1jiq0SRcyAmxtyKPRlf7ore6jGM8kK3f50E9XK9OBX1MtarN52W2Mxr7hB568ajIWYZMvSO5iGrRK0_uQ9caehawDldTUnYKCdrZW90ptnmoj4oYfty2NYoD_xOMHZ3g0MHgC_IqCPrSxCFN67uo
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
an-x-request-uuid
d999795a-f5d9-4286-8488-40ecb370cd8e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
185.213.155.177; 185.213.155.177; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBc8n-Zc8fAMdKQpl7iV_vc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0B7D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI2NTc0MjI0NTYxMTI0ODU1Mg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI2NTc0MjI0NTYxMTI0ODU1Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNUTQTuAQfc0Fz5HSHUgNpusmupoIjr1jiq0SRcyAmxtyKPRlf7ore6jGM8kK3f50E9XK9OBX1MtarN52W2Mxr7hB568ajIWYZMvSO5iGrRK0_uQ9caehawDldTUnYKCdrZW90ptnmoj4oYfty2NYoD_xOMHZ3g0MHgC_IqCPrSxCFN67uo
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
an-x-request-uuid
bdc45391-ee36-4af1-adba-c51ccb793db5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzI2NTc0MjI0NTYxMTI0ODU1Mg%3D%3D
x-proxy-origin
185.213.155.177; 185.213.155.177; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 5CBD 		203 KB
60 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Requested by
Host: d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com
URL: https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
02921029146a0eb50a64d96b7e0128e92442ee0c15a3a52bc8d20bf80760d8bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 16:32:59 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=b5Q5J_0noQbn4PSlTIkybjjmezmOfqP_WrqVowuSIIylfLHd99w9dCkvW-93yDsqpt6C22nNMAcFivyxWw90St7ZimIltxa627ZnDKZhtf4qHmuytKSgd6Uy7FGXj8TG2G5p9imL6_fUI6JxUxy-3Q8N8xwqk6tkV1nlXJC4XVIU6A_R8XOq3uvcrhw71dR4bXoe8C_atVjN_C0MiI6o82Nd3DABDFLZKL8zddST1Nsl_rQCfKjvp88tQkp3VD0HD9Qjxg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
61579764
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 2996 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
an-x-request-uuid
5d11a811-401a-4aaa-9417-5d95c004532d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
185.213.155.177; 185.213.155.177; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.ksl.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 10 Nov 2023 16:32:59 GMT
bid
ap.lijit.com/rtb/ Frame 595E 		95 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
912969afdab9515911844e31b7d76ab49a21b27c9f9f01ebb7078145c29bfe51

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 10 Nov 2023 16:32:59 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
c
prebid.a-mo.net/a/ Frame 595E 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Fri, 10 Nov 2023 16:32:58 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
26
server
envoy
vary
origin, Accept-Encoding
prebid
ads.yieldmo.com/exchange/ Frame 595E 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-1%22%2C%22callback_id%22%3A%22269dddfa3e4c681f%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90b_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&bust=1699633979756&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=1.1M-pound%20historic%20steam%20train%20to%20return%20to%20Utah%20during%202024%20tour%20%7C%20KSL.com&w=1600&h=1200&pubcid=50014a52-757c-4aa4-98b0-d55502c47caa&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2250014a52-757c-4aa4-98b0-d55502c47caa%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.169.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-169-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
trinity.json
apex.go.sonobi.com/ Frame 595E 		730 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222719d1286fb76113%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90b_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&s=6e3186a9-fd19-4b7b-8784-40b2496a7800&pv=42dcf765-bc4a-4ace-93fe-59fc7399b76a&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22ksl.com%22%2C%22keywords%22%3A%22news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ksl.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2250014a52-757c-4aa4-98b0-d55502c47caa%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
3524629d6188e5d9b6609362e17273cd1430da3ca0ffceb81a2337bd574a6e7d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:00 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-198
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
436
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 595E 		0
55 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Fri, 10 Nov 2023 16:32:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 595E 		146 B
963 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0526a53ff839da53ef7fd632806ab6129c4b37d2450a5fe78decda76da1db83b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
an-x-request-uuid
936451fd-e448-4002-adc6-a9a96d74e55d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.177; 185.213.155.177; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
146
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame 595E 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 595E 		424 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=50014a52-757c-4aa4-98b0-d55502c47caa%5E1&rf=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&tg_i.domain=ksl.com&tg_i.page=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&tg_i.pbadslot=%2F65889844%2Fron01_728x90b_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=2817f43eb4f0164&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90b_desktop&slots=1&rand=0.5360811776444656
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5a990e03eb35c8aa9b2d99a198696d5c703ecfb56dccab8194bc89f6eb6aa028

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
424
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 595E 		38 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
451d789d57891d5f9c36466f747a49be8053afa37bab816bd48ef8d408d71171

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FnDzp8SJSSYNPIkTai9FEzd%2FNfEWPS0gyM8yIqNZzGXeC4rQzZTnYL01gKovQLc8%2BvHLMZ2nHugZtCp2FN6XBmG2yMZsmsD9xeZlBrtR7bnyHU4Mwdjj9odA%2FuzXPiWhSaat%2FQf"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
823fb1d59d15367b-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame 595E 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.ksl.com
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 595E 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=476778&zone_id=2832542&size_id=2&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=50014a52-757c-4aa4-98b0-d55502c47caa%5E1&rf=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&tg_i.domain=ksl.com&tg_i.page=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&tg_i.pbadslot=%2F65889844%2Fron01_728x90b_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=28725d5a35b7ea0f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90b_desktop&slots=1&rand=0.5888439908566685
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1fa746168ff0170b7875ddf50bce27e486e8ce2620c2aef23b250bb147dca5b7

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
tap.php
pixel.rubiconproject.com/ Frame 5E90
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGvuhy9smxJoeuE_Svnq2wQ&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGvuhy9smxJoeuE_Svnq2wQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNXBd0Swzb6FhTMN9I0ZcdI-MoasU02ayK6JPxwT1vdnDJKJHXtB7S-C6f2bkiROdFD3aEuLb-O-Z_mcHeelQBpRFJ3QXhCeA2KO8RL1Vsksy4a7VoZG5O80ZG1XBYTZiWEDpRWEnvWZrpPj-id6lS8dsML5rqr7_H5AM8owmItEzMNPJmY
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGvuhy9smxJoeuE_Svnq2wQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5E90
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjE1MDllMjk5ODlhYjdiMDgxMjlkYzg4YzA1NjI2NTI4NjkzMDliNg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjE1MDllMjk5ODlhYjdiMDgxMjlkYzg4YzA1NjI2NTI4NjkzMDliNg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNXBd0Swzb6FhTMN9I0ZcdI-MoasU02ayK6JPxwT1vdnDJKJHXtB7S-C6f2bkiROdFD3aEuLb-O-Z_mcHeelQBpRFJ3QXhCeA2KO8RL1Vsksy4a7VoZG5O80ZG1XBYTZiWEDpRWEnvWZrpPj-id6lS8dsML5rqr7_H5AM8owmItEzMNPJmY
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjE1MDllMjk5ODlhYjdiMDgxMjlkYzg4YzA1NjI2NTI4NjkzMDliNg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sd
us-u.openx.net/w/1.0/ Frame 5E90
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJLjcebcWUCWaqcxsN4RjMc&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJLjcebcWUCWaqcxsN4RjMc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNXBd0Swzb6FhTMN9I0ZcdI-MoasU02ayK6JPxwT1vdnDJKJHXtB7S-C6f2bkiROdFD3aEuLb-O-Z_mcHeelQBpRFJ3QXhCeA2KO8RL1Vsksy4a7VoZG5O80ZG1XBYTZiWEDpRWEnvWZrpPj-id6lS8dsML5rqr7_H5AM8owmItEzMNPJmY
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJLjcebcWUCWaqcxsN4RjMc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 5E90 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNXBd0Swzb6FhTMN9I0ZcdI-MoasU02ayK6JPxwT1vdnDJKJHXtB7S-C6f2bkiROdFD3aEuLb-O-Z_mcHeelQBpRFJ3QXhCeA2KO8RL1Vsksy4a7VoZG5O80ZG1XBYTZiWEDpRWEnvWZrpPj-id6lS8dsML5rqr7_H5AM8owmItEzMNPJmY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.ksl.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 10 Nov 2023 16:32:59 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 595E 		423 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=50014a52-757c-4aa4-98b0-d55502c47caa%5E1&rf=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&tg_i.domain=ksl.com&tg_i.page=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&tg_i.pbadslot=%2F65889844%2Fron01_728x90_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=290fa304db24c42a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90_desktop&slots=1&rand=0.08862973032952115
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
be18ceace877e07a6cc2bd69debee587f90e36f7bda869387fcfc3328ee1a460

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
423
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ads.yieldmo.com/exchange/ Frame 595E 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-0%22%2C%22callback_id%22%3A%22292d6d02e5fdc911%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&bust=1699633979807&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=1.1M-pound%20historic%20steam%20train%20to%20return%20to%20Utah%20during%202024%20tour%20%7C%20KSL.com&w=1600&h=1200&pubcid=50014a52-757c-4aa4-98b0-d55502c47caa&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2250014a52-757c-4aa4-98b0-d55502c47caa%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.169.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-169-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
pbjs
htlb.casalemedia.com/openrtb/ Frame 595E 		38 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ffe15f0d46f175442fdfd50730fd2bec535ac1e34f76813291ac0484b310acc

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WK4yEKiZpKgma2%2Fgsv2hljjXRw%2BcCS%2ByLFggy2GJCMfPIdo0W5DfpWktV4lqO049Uz4ghjZ41KRvtHCmuQzdLXHOrHjha%2FgNzwFjV3OxkiNOoTpZz6ORnQOfACQkSJ1s4qWQUcqz"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
823fb1d5dd77367b-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 595E 		146 B
963 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
6c7275a67bfaa98f0ab91c8aa5c2a010414475cfeda39da85db6f9da324f0e95
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
an-x-request-uuid
38c70228-912d-4f34-a8c0-fff46a4b8a96
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.177; 185.213.155.177; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
146
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ Frame 595E 		730 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22298db42fdfc4b076%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&s=7d098824-c4ac-4e35-86a0-8a7c7db0b289&pv=42dcf765-bc4a-4ace-93fe-59fc7399b76a&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22ksl.com%22%2C%22keywords%22%3A%22news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ksl.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2250014a52-757c-4aa4-98b0-d55502c47caa%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
63f05313fcf85fc994fc1d68fd89e292a8ca990fab244cfb2812ce28b4f32988
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:00 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-198
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
435
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 595E 		95 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
828acdf12199df0d8c86f7ea1c35fd0ad9a3cd2c15b5d4234bc36acb5bff55bc

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 10 Nov 2023 16:32:59 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ksl.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
c
prebid.a-mo.net/a/ Frame 595E 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Fri, 10 Nov 2023 16:32:59 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
63
server
envoy
vary
origin, Accept-Encoding
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 595E 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=476778&zone_id=2832542&size_id=2&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=50014a52-757c-4aa4-98b0-d55502c47caa%5E1&rf=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&tg_i.domain=ksl.com&tg_i.page=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&tg_i.pbadslot=%2F65889844%2Fron01_728x90_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=30451a9c892fd58c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90_desktop&slots=1&rand=0.26643807033352607
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3a3cfc9d3fc56afd18ab946ef72270d0e911db922c88a1733fc6ef8b5233f86d

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 595E 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.ksl.com
pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 595E 		0
55 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ksl.com
date
Fri, 10 Nov 2023 16:32:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame 595E 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ksl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
khaos.json
token.rubiconproject.com/ Frame 31CD 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F42 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7912337333923&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F42 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7912337333923&version=m202309260101&ct=76&x=8&cor=14322882442262220000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4F42 		93 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BrVHBgLQ_mv7xjgBfCV9BU9my6VY5RzJxHlHFd4QT2rSnnGitjrOifgrSo7V8VtOStWlYwFiJ35ck_1kir3aJ3DK3-2rB7T-ki8bMdj1s5oW6Ansbh-YMWrySKyHUio47HDnjclf9NfKZVfGVgMsklv4yUuwzdeT6Mkcc4N4YZ71dqPoI&dbm_d=AKAmf-D--jdK_334s9FC27XowXwnvCjK21NTb8JE4sSACsonYYUhsilBVYhXaHPjkkagcqE_z1QZk-kb5qYQ_hBZJKTTc5Ix2_ZM-M1YHaz3252ISjFstmDEwmerOXACfWQ66YR09J-3hkT8_7XdWEon57GBCKT0gtLkaEe0gTj8O0NNf9RflFvg3fYSce-haH3uL6bEq9NxqnnDOmxglgjKVzNtpP5gGwdh2HP-N7KtX8k2DOWyE_8RUkw1xM60q6poNY4PeIMRnKWzS4-7hMfJA2MpSAYkJLN1_1oDEOV3M95-vIuYusXQnCrfBFZw7bm4Totq3qUPUN40J4IjfCd4l20c3UrkFazAnXyFZG99QUHOBezkCuVdo-wh2azF0H5u0QsDQDIq_rCxtqk190BstSdJ0tzSpdWW-1GGEUr76mKIyExlXafx-bEPCZEd7kjSDxoNvBl7JlGxIlnsTQnMaS6efiPgQfqjKaxeXX6She6PKqh6P26K9bi4Bm5wmubCM1-PYISUIhAeao7ySfJp5J9CKV0GPGGKqiZctb6tcyVcUWqWZI1pFUdCovWqVtN-cO7N2GNLJPqoHt04urB1_UpGF9VDrR0HDRMCbR0PjWOmxDCAuFGFoA0Czlq6m7kO9Ypa4ESuuWBzptNjPm2786Yt4R4yEG3f8XiS_c1_IuI4gnIHgxnlv4TlrP6773DhDU_iY3Yms365MFxW0cNyL9neRQaxkOlojUjHPDV8hyOkHge8LEX1GbS0sMpbu9dYOUDRHavEzJyS7JyoqtKIzHhQC3lpxHcqqF8Ro3VKYc5uTvdcYy7dw9bb8LfrM2r9WOoUDQciqtk0Ohq5Ko5fCG5kFs1qydnwsWMdctYknb6RN1a_2PV18NwbkTqQUA4Fo95H5vJjg92HgEQYtiGbXgWdt3QXQVbu89WmAYMoY_TYgxbB7WswQeQYuLwalJ6iwS24jPHV8GafKOsAc1RQlPckXSHVC5AoYeyTOQY3nj74EGJF91a_KZpHY3XJZWORgUf11tOvWnLQ4TeVCtnekIlaP1h5bYCB39Nq97N57xzDUaH0sumRQCAiP5xEqEZ3He_fLsFLbsEdE1J7ZMlZ1Y-5GQA92zD2iltyKxO11bUCR5uXCWKQsrcMDvY65EmUk3T4BwdU_smPbyNG3JHimtlDvoWaZi4fyzBrHYhCSHLsJNb0N-J8kw9ejhg5w_FVlCe22lgzhvs2Ra1eXezQu2stvtx86y5Us3jebsH2LML2lAfCp9yNQT75bGEAuxTqUA-uvFTP50BM7Si_rGaPa8gtSZAeLU1fVPkQDsEY8Hb_3mROzFBbq5wtQ6PIv7tNeSR6Uc_oihf8kSDw4wh31KYqRXWro7blHnXFUwhth8dB8Z8k860BJ8epn7D2pO6Sicjxoo8nOHK4_1r7F2GmZ9NTaDhg79C0B0pRwJTuiyoClKvdW15Y6rQU1I0wOmc89XFoH7_0PePYVBJiVDpYCPKklwkOj0p4r8RNKdFPuyFLTntvL6bIijtgEgqe5p4Rr7Dd330iD88mazgZodnmbt1R8OoKdNwhzbWv2VBtuejSjTbGjYvCGjx7to5wzkv5DtuPAEgviYNi_wj8BphbB_LextkQ9rh_FwXxW3FREIi5_leEQEpleMzJ5mRl5hBxp4o8rXCG8YHOsNju2lJ5vJNvm6A-nyyx7GT0lzZ9NuLHzq2uPTLCphjthHibC1_9j1xIu44Mmj7wKM8XUi5r-FhKEl3KNg1kk4kE0jEDbgM53_SXU8dSx6qbtUmaAGb227Kd11EyrUla6AS-I2H_97ZoF82xtT4Py4qvul72PBGGkoTPlO6jX-3TLa99PY5LmER-goxgP4M14ltiDJgX8N-jQbic7rUQUKhyCql6F7PWw5QnE7_blayBhuZgDZzDgSsgjAoQk3oFuezIsNvfmaKfAkInYDoYmtsf4XI4LBMperqSU63WlSCVhmWLoA4KNkaGNRDIGcQx8l12Ux3-xQiLuOJqdj_P9C3f_wG12_0DzyxOR64C5qrbwlrFX1f_Zd0G-00KJ4SjJ-CXh8r9JHuwzY_R9xUN7UFoicXQgo4RucO7fKZ_9wk0Oci95J1y63WOmb8lzbe94ZXCo1x3zzDlGv0qnGV65wIzj9Op_jRwSM180ZMOoROINcddehz_SoqK8GDu3ChmzDufi3ScuFhYF9djn1LZXf7ryZAUzE69Q14OmCMwhJ4YRQWXia1SknIb51PNEIV8mCwM-t7g52wEULI_CvfWFNqqd5wEbjfcJOaYQi3WR_DsOwmmtPLBJ80IZGMOlEN80lrLR3Zswni5_ht5gRslSxqZw5q4TGoT5TmpbVOV7Zm3TS4p2XoIvEDyegI_ylUuD_LRkVU8iFezgDh6EBPo5UEIioBeBgw3NJtZctmQInKYy2Q20iuVJ2TuC38a9ZM-JjXFWCEl9qjtS8Kyi8r-yrKGSCj5dklVRhc4m2c-i_w2mIh2LF7g8wk_WPXS3Mxds-PZXcjPn0IHYaDd-apk_40K7TWh1RPwWnZw2-BygDXGlfWFN8FXEQJSTuFBGdBQoklCLwB6jFnQKS0rhysnsjp5QKHnYOC_TCYZM_fOLA1aWr82xb01gxSJJ7LO0co6Sv9vRJbqFh9_0UPVzUKc1eNu66plVMyUtv_T5jeyRHNz8jYiIM009EarSkdIbhNW34F84ni9J1Gh_BCQBPyZilnl1L1qxca1ePSfwTBoPALIIARFigM13x6FqRTHQBWLjgET5_gXTaKw01z2UOaQb6Ag5EAqxjjjr8tRC_nsMFuvNxz5Br_g6o2umhC1OqRsN1zQtCGVpvhYs1e8rjLf6o24hGFOTtQ33yTwN4AlpB_ZM0EzOCBG6ezIhSqT1XKoHn_RwO5KCiQ63Im1dRWjTdvTRXmc9Wggl7IBWK360sefUFekwasZ2BriZ_VudZq2uvzTX9gbKPKxtYR6EdMMikk1G0YrsmkgybQ_Cp3w89R0Ex2xri6461A7DiypT_4-999C2wvSetPt_caZ7RP0tEGBoy0fOEJvIScwyERbpnrCn1sGTSIFc0mIXK7eX8NFp67jWz2knW8PGLBrnXuBNEhodZ72riu9dZKJLxb3J2g9Kj_kczRCEgMk7pgT7BvGYyA49iWYraq-xWKW08nrZSe-RG2dpSZ4D5AAe0cnEwt-K7Vm0q4uJMSkE4O6U_2YIRreoRYIfleLMY-5N5HEl7EcN7PWXxjxMW6upMldIveP6KoEvyYsP3gYPLtF4qEr6CzeRLpse4nACPs7av1-0dj0K6zy6ZwTo9dHAKADA0Cr44SUDmg-Pie1-V77zLZy1TO--6802pB9S-T4DD0NfiC3_sWgEHMdOMX_6t_9TdMZirBJnpliLg-w8US0eySvVb3BW4hrQwVygWaUD_SVw7-0xm5082L0Ux6z97WO5fUs9aJvuKRMjam3w-xMcpBrLh5s2EinVfNTk8uEuHWjeSsfV73Pn1YmWhQK4r5OhN51_UCPd0rVEiYUlp3dFN6sz_mHCAUMHO0P6vSHaGfd0hKx8gXKkeyjYJZtLqTtSrxFNlEqGi3sBgLJyHP2ava2ergs76V0G73U4gb08I-K4TPYTaCB463_fzROPYiPH1FwCXxczoRbfBNskDxVV0kPQ3IEa5bm9iTQ6_KvO_8hQmEvCnaFgol5Xb-4VXnZNnCYKjxXDXu69fyHSjzk0rLgeE_ARa1wXL6P6ul2_B4HnjDDEO7BGMHh-XmeYw74O7OfM32gFuHgMH3oZuFkDFnM6itY_9QkaF1p3oe67m0ov_LmC-VEoq7xygUgplwvE69DSPrcj7PNHh9fZ9-_8xjzIyZpYtXcnMROOpXsuV5EDmOg-0AMnvrdMvFZ9HfamgDnwKP3_t6aEcXtZFPO9QY-RDqmzblPxZCFkfXUGDq0iwF7n7aHz8gH3IjJXdw&pr=8%3A2258C73E8AAAA152&cid=CAQSMgDICaaNGj7mlhzLAD5Ym8ZDxjCIivbaTkqTJEqP6snijAOFPLQr68s6KUKYGJN7--66GAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ds=l&xdt=0&iif=1&cor=14322882442262220000&adk=336307537&idt=112&cac=0&dtd=12
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4912e03919f93cc8a89f00168b4160a62dbdcdb1a76b483794d2b90f5493d908
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39599
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame E470 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?prnr5Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:32:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 6F3E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_dbm
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEE6JZyRyXEiqnGFifR2L698&google_cver=1
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEE6JZyRyXEiqnGFifR2L698&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNW88wyuiYRiK50e18lDI3KNJhWgyK5tkx5HOUay8kgw8ihucUspKnd2I0WINByZnJjhH9QM2pYvx5WlxBqbu2zhdq2FMB9-qp3HZMwyhN1Y-5ABUdaVWdPyPbAlvZAw2FF0IDSsYxM24dfoX5ciZZVT66CVOfKfc9SwJpmldbOTBXNmoLc
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 10 Nov 2023 16:32:58 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEE6JZyRyXEiqnGFifR2L698&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
350
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 6F3E 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&p=360&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpubmatic%26google_hm%3D%23%23B64_PM_UID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNW88wyuiYRiK50e18lDI3KNJhWgyK5tkx5HOUay8kgw8ihucUspKnd2I0WINByZnJjhH9QM2pYvx5WlxBqbu2zhdq2FMB9-qp3HZMwyhN1Y-5ABUdaVWdPyPbAlvZAw2FF0IDSsYxM24dfoX5ciZZVT66CVOfKfc9SwJpmldbOTBXNmoLc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 10 Nov 2023 16:32:59 GMT
content-length
0
content-type
text/html; charset=UTF-8
um
sync.teads.tv/ Frame 6F3E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESENEnwQ8FQZREGSljXGLyzVU&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESENEnwQ8FQZREGSljXGLyzVU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNW88wyuiYRiK50e18lDI3KNJhWgyK5tkx5HOUay8kgw8ihucUspKnd2I0WINByZnJjhH9QM2pYvx5WlxBqbu2zhdq2FMB9-qp3HZMwyhN1Y-5ABUdaVWdPyPbAlvZAw2FF0IDSsYxM24dfoX5ciZZVT66CVOfKfc9SwJpmldbOTBXNmoLc
Protocol
H2
Server
2.19.85.30 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-85-30.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Fri, 10 Nov 2023 16:33:00 GMT
pragma
no-cache
date
Fri, 10 Nov 2023 16:33:00 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESENEnwQ8FQZREGSljXGLyzVU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 6F3E 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNW88wyuiYRiK50e18lDI3KNJhWgyK5tkx5HOUay8kgw8ihucUspKnd2I0WINByZnJjhH9QM2pYvx5WlxBqbu2zhdq2FMB9-qp3HZMwyhN1Y-5ABUdaVWdPyPbAlvZAw2FF0IDSsYxM24dfoX5ciZZVT66CVOfKfc9SwJpmldbOTBXNmoLc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.85.30 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-85-30.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Fri, 10 Nov 2023 16:33:00 GMT
pragma
no-cache
date
Fri, 10 Nov 2023 16:33:00 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0429 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2549094747969&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0429 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2549094747969&version=m202309260101&ct=76&x=8&cor=8991302715973075000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:32:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0429 		93 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AdKG3XfBwzFLFpzuocEP4erVU1sd2cDBqD3ZEBdVHhWG3gtF9uCL5dOGlRf2hmjyIiZ7FfFsdf2uFJNB1KW2J8kVAZi0w3sl2SFbYcmsihf1fPeG93YaY1-1nPzF-uFuo3C_HPHZaC3kZfvLei-SI4XzCQzWWgZel2uRt5F9OvpyyOygk&dbm_d=AKAmf-BCxCJdiu-LlMME3o0UA5OgeRpql3wt8JbA0yMvoUTqWuND8h5-b1xia45NJLZEtVr26i2if-Leiukh3JfCRfKeHaKjlxr-AO6bPpLTRAU3D-ZQJFXjkbjxXL4KBI-RRD-Tq3h3DvoLlZ1fD4HVPFvaNjNuTXwRzB3FZ6EnD3L5lUTfHtJb70MBPvfXmBk1JewxhBBv9dFhmvbG7-DMpTJPhrGykYtuCtY8ee-OmNPVypV8SRajQ9PNqyWbk2rRBoxOaUfkfAvkpOV_hRO6eeKR3p4skMAoxk_zluE1prDtkV690ZYgfLk28OG9Brgmg9ZDpNdzWVpB-spvDQd8Yq-3BGYPhq_u4M8YrtZdJ_R-95cB4SwZf6MBqx7L9Fbh9KoLSUL7_2Pd9LRtOMak1OzSOuv-5dB-I0cLAEfr6gs5b93mEF1opWZ7zAJplYzdB-1EB79hrR5bGSR2LUCbvwvRpBiC2F8brMhAEELvJrWm5WB0ieK7sI1CPbpurSCxklDwtLKtO-8zlCIBa1qeT8VYfjVdD83Gfg4CpvhufqWeTLIbz15nXFkYDH-MBijfqzDd8QyblcOG1JhVJqC3WiiEHyNhoQC_JWI0Vwy_DOC-KksvFss3oKVSn1vk9oX6JAQE5Wx-mvv9af1giIkTP6Re4l77BJNHA316f5_Z92bEh8jog5R45gSvGFgV3OWFOwDW7DI7jPNbzz6PhYRs9jJo206-sqvn_ApIpPmUYxTtiP2g42x0r2lvJrw1KTYw9m5WIaL7OTfCYvfCWTYy-99ywSNalDFO3C7jaTBHfNNFQ-M8DHsZiGfYYYPd7rNX2HGczRdkAvXRx5_lAIbVT0PCY6PFlC9uLTXoQjrZPYRYOznqbvWOqeaiHTv9TG5-6kx46CvH12Ol84mvP8wbOnL-PvpoSdT6KZdhCc8w6KUQZNWUKDoXB-Bg6B1MtKJ6dSV_SA9L8imtIu5bG_iS0I5H4verwEDUYjPzF2Z0BJOCVZDXOCFk5ku0sYYGkTnjCFnomAq4YYEKgYTxcw9GAC9vG8YlMcxXs4tp30C-J7p-rq5ZS_EFoI6Z5svddN1xTm-kVysXi97lKRJB8TzYxcW8JhaqEVEd-0tKj398Vjs-GvN363vTwRNamdo8GpI47J8nFXfOYepoEZ3GWZdCXE0zlR1kVmnYW3k1b7fAXrPulns98ptYs2r5LL72LXQ-Gtn-zRyHkno-FQVYI8B123tMycO2bBMFdq0HIcywrQ7-ANk-k_fKdRWmp1mW5VGrdvcy1kXD5-6Z9PcVfzF8CE8MiGxHEQP5mKS0ia7XU9o5_fLYYKcyznIMT0-sCbLGMNRdr2XhMzv1mibao8fX_AmzbPkwJQoeo-HMsXlCF9_ImMliHfD47QvD8wcJjSTXJNGEp95FUff9eLqtF1OWPH58a_NozYapRkK7kUmEc7eOrx3QGrny-rp6J0YKpPYL8doDcACxKOxNk7e0-Kd8_Mv9qryDZ9-8WooyHEiMnGQGsHW4bstWnjQBnpQa2Pu7C8uVax7DJqlx8uFzWmGjHu5C04I9K8wuFhFu66nqPNmZsuJ8ecC_KGdGbwISfXOfl-rz0ht87Zo7VJQqDJGXdr0qiDhNiBjZys2XroR-o1iYOOjqhquK0sjiqqMt_ED-KFKeqHEOBUKzzMS12fJ6caceO_Nbvn3uWBmvm6oLchHOf7bq9fXkbUuoo3tNwel6WPljMDcRADkFYIlWKaK406ZaKL7PRUqguMpNPNn6BoWmyUkz4ajAh6mNV0obT0BSFKCLByxjwkb4bPVwegS6wrqrSDXzSzXFZtl7w_5t_NvuSs1AdAdlhvREqBPbgQvcg_Ze8Ozc28zWvBHSVKZEYi0eJUy17a3q07h78qH3S0FuX5qKAeNBiZi-BCKE-o99InCWwiagf2q_fe5_qWwVu4G5qNWry8TdNVP6MXapj3bh8wgXJ2EihqWhfh-MsoKts_y_cw-YxPTT2zW-JbTmdJbWiCH4dKoEhNwZvFiryAE5nSk9gEzj_N9m0UvHEqZtOeAuK4kGy480WZR0mkqWzeneh-HrFeE3GWg7CwmWqxbSDokiYat9u0XDIr3hPvlPXGZom6VcUe2LNc0iO0WwRH6rtLCr0a4m0DpNYdqYKhe7Tm2IBv07zuWunWd-uBJvgpTafgUFkAZkARGeP7KPtz5eU3vUZ3lZolQO55E27mv72m6b0oFY6YUI-T2vVWV81F3MzLvpcnlvs9bGTZY03nwGC3AJNoBEi5XGV9cTEpY72kyGyczQnINi4pIi4wvY8Q0MXLbnNB0V9842pF5rNpjamrFEwkJU3ppVl85IczH72Lc71-DuxUOK8tPWJOnofuRtPwlABN8V48oXI5S0IWIV8RMiSestYO_JenDTcmYgGuCMrp9WgrPKVBB6k2TobKrVCaPJFaUWHiyZ8BjbtpkEREO298rEpbEMauwBxBAd2boGp0POmsdgOcK1o0YFceHXQpfILeKxTpRHlxolGZzuc0pefGl5w--mq_6vs_CrbeOkY5tfHcW-fphYbi3Y1zsUqmZC09xQNrftdVcRJTCXrVFh6GcZw-o8lseFdG8r94-DNUQWHkUa-jLNk52aGRWiahs7bhbe7lQF5wviWnN3CVqLRuNODYOG7SRXAwHZb89c-vPNNd4iORzy82cryxWDGD_yKhdzJPYdlXFS7UkNJrhE2EB80fgEzw6VnhqlFZ_pMCBwuRVoDO7ks8PBcJRKoNfNa0VZjw4bShdGtvNRy-EDObnk0devYoaJxdpHZYDE_p3UBQ1IvbrYk0IupvYqRfQJI1oCXNb0ThBniFk7U_Ykxgbjq_ElrZBWhpU-glHYmS_3IYLGyNsKxUwepJJ5eYfHksLBJuB415eYYLrMUW0CzDQQhg9PY-UIps7frAbv7i8fFdnapYzYkvmx1OnqFOoQM7sPAyNXxYyjZD43mPAStBu4qp32ICv2Qd6qxRdBvAbVddCRDO2Zr3GaDIgyBossCBZvymIc8JGhIavu3ioDxver6rmOe--APSeaMRrg0mvBWad19dCuAqpG1m2z8wqIEP5Q6AbzEcLxTrdsEYWrFQX37HhtDumqm-jbstMjkTbNIWaf45iKJ6_h4jtaW6ik8C-7wJ3RHJLdIqMHOIGtO7qPjBR4KGzdJWtxfl_nxpn4E8ruw-TnS3_aO4tDjMwc0HTg3-bW8E8sDGBOWn2B0Si6yGerRD-KVbPo3jTJIa6q3YHUrYD-_m6I1o3Nu2z6zigiceov2fnAZ85RVm7ynD7XRCZerdqNWRtVCgZhSbntkW4urUmkRe56f_N8z2UvDCLEJCXYma4V8_HrMU6o4_kD_BhjTFdGahXGHUlD4-49rEpcA8gii5GW1HiGhruze6dbXiXOfWoQnwApNDGQUW3LQ2qGsU2lyk9hUk9CVuFlLHIsgBIrTbB_op2zpLvcXG0wrq-WllBDHxKB3vJScsdzAKesWU8RM1AK4kqzeRG1mGfW2dXOhG_FaOgujJ9VIJtX-vY0KDNoKdDUoxXJpGnduAG044hxrewken1RGxM2f8v9wETmdkF_Bs5yHiRkmc0FKChNXAhaqMewPM2rr-F8peGuDEWTp0UOjmRYqki_XRWPbb8X2yRoLk_upNbf4zo7GrVcsKOCtvKByR8-Gbjs2QUfRfgwzU5aojypzFtHJjMWP8YiuI4HHEd3NR_oVV-nqfsYgyYSPLW9iCyOKp29wGCBR7gmLj-xFS1cTrxVLOYmsylhsKj5JMTMiT8vHpBRFcm19uezFBRH18HdDvQWmg4jC1mb7WtAwcx7d-wFrSUZqNcX41P4diFQizxT9DIXfTv2CRHyg5HTign2X8PIL8izJL_wwsFKr-diRwSCzw6B_YRQIdnYIdN_faRponoRv9b0e5fCrA7lXDKKSyVmcerkvO07fv4tiLPyShGvjrLOt1bCY5QGXKdMDg2_&pr=8%3A2258C73E8AAAA152&cid=CAQSMgDICaaNJVpn_FX-N2lldexaJs3edEt-T1PjSi0Jrwwg0rqZf-uSFKPg7Sqr_3NesJABGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ds=l&xdt=0&iif=1&cor=8991302715973075000&adk=3599733580&idt=139&cac=0&dtd=5
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6b34bf63bd954096432fd22370ead614ca2b6dbe9134695bc339f80a67de5bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39608
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 952C 		0
21 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8739139595911&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 952C 		0
21 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8739139595911&version=m202309260101&ct=76&x=8&cor=7120551725912834000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 952C 		93 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DXapF7sZJSxxiloI3c3tJBj48rCHfWN5kGKXLejy53rXqDhcY4LPxt4TAduv1cYUsUFGLlRKozR3aQ55EMQlljteN9AJP-bfgmfBw1dWNMUKFggK8i7qgdnx5n8DofXLnwE8l4vF8NdjYxnvvKnfzfthnwNLnrjTYsQwLSXGZt2PWlaUw&dbm_d=AKAmf-DrloxM96PODxoEPQ9smywlp7ffqEwkLoAA3Nd_s5ijM09btBIWKlR99lt0xSbD9fH3vYc__SJqe5HYjt_iz9Oib-PEajg7oXTiiFHwut44FNA7wpzjMhu97itX-iNcdy9ayB3buS8fEg0hqntuzy5Yl5FX6KyGpEjkqdQP9zDvJgwrYfxB33K8Thf31AyyBhQnYzP7PPvv9HDWi8kj1Ur-kq-un4retgvP1uGmnKo7DCE5p5n-bXV_1UmiMma8pmjR3IYgrZgb3a-eCJUo5BgBuib4mZgAMW6eDooDbp92FN6X59Vgbal2Znn_2z_LUIUj57AmY7qs3eZBbEBLJs6SFDuzKVV9GOAxTzrteEQHDUNY93YqrLyQVKaX2scrZfIEs1Wg6q0Mf0aFiAYc-SvukwN0lEYeopLuPtH7zTcKpQGiP7VvOYsd8lJRReudWg379xbry9A4A2N-OPy7K4FarkWonYkxr6HNA9vjlAFLkB1PT_Pc_QSdJdPq8LetEXs4OyUUBvJX5TuJjbyN6MVTraa9nkoJcQtDFRlsVc2oxBknEnRPu-xvtagi-hgYK-k4IlaQ-4d6lx5Hfx3q04p1lGHPP2fC5Nbhzex1FvmDSvrivSTnzEjp4OWLRaDUqGbcX-gLUUuCYsgtROy5l4DQLyOzlbUQBJIUI9FPMbHWSISula6HJ8eok0Ob6HVU7tSGhNPbAsyrldE9Ps_LsrUyVrTXYzsfPglAsNV7ZZM5E7ADGTxIgguVTNwMlhS_lDFnf8x195_lPCXv1j7VfZbykqx6Jx-7mQG18R2NNdGKB6njAuLE8-bO_qvwfp8V6TgJ-9zZBumxLa8bZkdsEa7qB3VUHXB_4jMfdJ-JSKtl2dY-j1fGZpSrQgWpY-DMrpp0mwV9zVjgjhgmIkngeyxsaqj9RjhevCNO9SROoc6U2V88ID0nc_whYxHobrGbYz6kNJmoCgj5P3-wQJqUtmFgxvvP0G5JfZG2ZCs9BQlRaaPDjOW2bteCgci6nGy2EA26I2rIq33keau3MzRngOme-gIjU0bK9VS2qeRjVpcjMAd5I46beK89HKVBD4nnYZ2Alt3OcOJYRCEYyYOEJel2bQ2ftLRJJNdWLyF0NzoKKiMOiVIvUTyBY4Wci5xud94w6cDR-Us9hJXmiXWMiz_niR5yFIyDpR4_pOLwmWmJkGrqR14OUJWKSLONVuhRNlOj3gFuSxgmBmi-bsehmMoDctYyxkGnpEZ5DeqhObioefbTKX0L4Q5cf9Yc-l1lZsTTkISlZ1sLskJnmPj7A8QXqR_vtxsWCktlBHCTR6mA0pBF3w-K6R5vj4NLZXdmNdV_j9cLR3CA02khln9T4TmHODbO3hZ4Rj3osuEBM0_JlRpc1qb3zFdvRM1hwRSFmWhvalKPjFJY-ccX3jJ2TseTi7CHf_fjSyC4KFqzl25u9huZey7aZbGw--5XGYiodu8SBfm8E0gu0gaB4Nh0Nvqh0-hHS5XGzGDSj_0HF2Rn2O5D_kuvL2MVoOrTlZaS9WxMJBTvnqKDn9kBpA92WHh_OqfRLRQhYshEdKxcJMU5QWtg53GgYjV5yW9BavKQ9vQxA24QTNJlGNSgxLMYjGj4sBTuMumQGEt2C5KG_vifU5GuKGJQ9b6HApmXaveHrMgWbfEiAV9sRzl8bMFOyI11h12S8hpJl3oBMvRh_5m5ZtrJaXiWQyBs6mArbikEuo4o3odHDQ7xFWuPjttQ4bekTSB9kELFfOUaI3uChCEnFTvYjskgJ056XQozzX1aWF9putaHgavW1Dzp6GGFgF-ixk-NYp0dxTRAKfC_PVYYpjdrpU4rQCFF0nzd9-WjJ8_5RRL8M8bhnXeUfVqlu1jBOhW2xPM3F-4t4Nzd94DYHjj717p6wOtTDIgfT_AgchVbnKNN-i-l_jd20ttZjTAC3Gn94fQiGuMN9mswZ-ZOgrnMb78RUcrwhaagKvUPgn5SZ7E4XH76e8V-2lbvJht3URWir5q5Co26p0GnciumI2G22e93o9aRhbJVk81seTwUmzOGOBZhuQYf7ptoymzZFoDF7lfmwdO7R4b3A2yL6zCsQ0kDzMClEYkXIfO1VLUCVjn_Sr3ntv6Z-Mim8HU7_WRgD9_-i2LVUMyIbAwNs_HpwOrDmO9XVLYQsT8_TpdrB-1_lfD4AbDHWVqO64JMARgzj2MGcttX93ijYG_7pjkVee9U3UNZkgIArXiux25JDRP2Jr1YKjwnuQ4GcobPU_mhpJUVFaakv6A7TRMudwwkYIzlUhEa3ckm_TGDaZkvpZ1B9F6psCDn5tt2Nse3DhexovzJcKk8fYqXBiykRbIiGzV5gaA6WSP_klFGTIeg0TWYFvHF9u6iD1M-GDg_jR0z5LlbozydjCt8jaVXrnctlk3YI7AXixUNXrWtbeU_-kh0mou6DDOuLgSWAyiBTSIOYY2KCiDAdSOz_Xj4s4Tve6SIF6p-xEig4HsmHGHFfPdJPrh056DWsMxdXSG9d3t274v8KqrJoW2q3ZLfsIE_DNxu2UZjVfUG1-u4NAiJPVZczgV62A5r87D4n0E2FUHlk4HZNAV2B9jRDpo8ylVhoavn30NwSGf2aYCNHrV4Y0UmD3VzYER7Efnqt9wNvRh0WX0AgngXxO_9ooBtBgwx1sUWuTgp0_1CfJJIk0Vysbnedxrcpv7N8_FphJZW7m_v9KI4D0Rr_4h5OFQ4RAwRYMiTdMWqpvbn8dp6ktFAdCCO9qdrtRHZKM5--GmXTmAVLEnalR52m7Vpa5ui6i6mW2DAATuMGWnUwtRC5KJTlG69-WzM3e46V2b6dIXaiMnIQH5lGyHBd9lHJShJ4UYudc0rabLpVz3lmFsi4QndT1EHnG9pcd1_oed1pquMdLD4b7xu6miM2fVFxhO45sRkGRL9fXvzGCpy67TirMKFC6yRTh5_inmdOjzWllpaaPopmdRgVL9Q3fAo8gDs27BC0irDnwK_7Nix0MM3dqzw5otc96UPLGshgY_PmtscqixgD3mB6QPJBNBcF_suTQYg2EXoq15XtYKEoOzIJ2AKofWXbBeY4CCpJns1_uGLlwoqzi4YH7ybqBVN52V1-c85aUvgY5z_aKtGm6mzAsVUcYU7rRBbg1lToPG6Z7SQniYkzgmbVIJ-6i-LbgcEVy0LWx2FPWTfWTcjVWcFk2dr3mFuiIl5eaXeh1BVlHxyShFjcUewUvU9ZAAFQMMc-p4mRN5V7fwpWi-lVVNGz9DOP2WSiawQwbRSWbwr8-4Uf2GIF5RjBSpEcwbTHrhza60BWUZqkLyxfcxOmFw59_pwzbgjm7zQY3cJmDGegQToDU2GG9ORNAIPBPzEJp_fTx6rA_rsrJ8_t05jPcdwnjiWCAWykt8g0anZdvyJEl9lH2FbdNDNubXq3vrYH4_wJhNCErHVHFewiB7T9Jtw08en_5ZXoKkVYkIkigx6arRW1MJ4KzS3BG-kFhlp1_ZS8wEUdjSzDlf3vW-v4DIeZTG6XDdio09iUUDSeVq96_-GWasBgV7_cQKxKw2wIWLpL8FdqGYj5uzxPmbPbwUIS0vXB2a6fMsPDRgeoGzKN_ZfXhrVQB-R4qQDK6jIOLzNmKKkqYAMjGfasIQt3AIFBSi3Rqo8bUx6sOsJ0cuBbIFt565rgauN6S3cidfdUREV4JERuOoUDtA7N7fq6_bR1e-yao_QwFj_JJM23mvbfOGKIf4nMyU2IvdYjmE9eoM5vunLVzXshXP9W3BSiT9XZ4LiRV8IMfzcETQEfDjM3hNJF-_9J1eCoZAFxDQmrY8uao2L-U_I4ot320Pc5EtvR5W09pFSjS7MLIYT9tnunMTxjtLRBgmyskw_UNatimJU9NbeTVuQBrbNxUUrob_obB5Gw18dZKEnKfD1HWOLxyqldHM235sgkpomjwOzgMcmTQ2xdPFCnNHqUKEg_U7LuCdIEm8HCa7VciZghZjfSv6Wh1zWxA&pr=8%3A2258C73E8AAAA152&cid=CAQSMgDICaaNLobFcR6D13lJcEv9vmDiLzVpd-DbdnUQrOeJp0RFibDpqucLlIgBNqOtFJbFGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ds=l&xdt=0&iif=1&cor=7120551725912834000&adk=3975681934&idt=129&cac=0&dtd=4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f437d82fedfc3c3a81cb9aa2da6bbc7030502c870643d6f171003374c6beb2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39842
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 5CBD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 04 Nov 2024 16:33:00 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5CBD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 04 Nov 2024 16:33:00 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 5CBD 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 04 Nov 2024 16:33:00 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 5CBD 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 04 Nov 2024 16:33:00 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 5CBD 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=9cbYBD0uzeFZNzWr-DsY48id5YNrBismFnfPYuBd7rLw6r12L3LdGX8DU3Ah0sIbFy_rfVv0wvx9Hys8SmaJM2dZQCCEXez3jkudfYpk7OU3WCFGxwwH3J90LkDM7Z0ykjlw2viaB7ltBVCQi_J9Dx9SSP2JEca4sPG6c-qgA5G-I998q9FtQJUBLkTM3cMu95rfAchglcz0SL6fJIejnTfoBmxnVbCYX0xEOvi9RXOfY1ANGeV8iy1lqRA5F66xnG8xNkTREPIhvOZAm545Gtj12_i5KhEGwb5hjGp6jinA6zWQYHh8_H7Gqf_fkxxAgHcqz1fEPVnP3PDzZ7iqRn2ETmHgnIOxfZ_QeEkSgqIyWJxmBriqGBaP2wf0WwjrqPiFVW6loiiTa8Hi4N-qpgFRP1tr26ZZs8pOmbH23fq4vT2E
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:00 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2402786
expires
Mon, 26 Jul 1997 05:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E704 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaODjGdJaSTib6WaDW4yQ6kSevK1fGuobrQw6O1kdHUMSz_m6yRQW5SGWae_3XX4OgntUbo3_ID3autl14e-nTGe-cS6XoMccjr7-JkmMN2rJUeBfNG1zo1dkjnlbv1c9RaX-brtL3sgI54MNu3KWdE83Lwtg0A-TTes-9c03Cng4E5d1Sx9F5Yp7HjJx-18pdE4nJhYpBSIrO_echXYbX9jGGyoYzMnkafxkcVa8_xVUasM24OY0Ex_G-G0dIgAnXV2MtqX0BLkEEd4R9Gzuw7QDXtbK-3RJjVc0jjtzZc0tETVm9zcFLpgACuxNrB5d9j_Fw1SrxHPoG1hc&sai=AMfl-YTOVrAsdqJytqBc7K0nqdIA4OFeeTkDGJhWZN2PC824v231NYx_XTxFNG73XsSf9Lay5A54d8P9zU3yoYZ5CMzybj2xeubFdfNMgBAa9MPMJpmvIxkVFRmkAiFfSDg&sig=Cg0ArKJSzNkdWX4IVT5uEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame B1F8 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNXRmff6qLoY80dZn04TXjc5lHo3H68ASY5sI_FIwsDgHZUXeVN8Ue7Fa7EWu9h9YcocUAjiN-T8_g3jyI2KfBsXAZfUfoCxWw3CsmYSSRoC_WwqDg31Ceppx7heY5u-CNfe5gKNJWtuP19gOFCFVlUz8Cmr8MFc67T8o8WJv2DCDA_ZDt0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 16:33:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E704 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:33:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E704 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D3mWXdzF-pYuiml4IHbURC4Zh9ncU38aO9Bzp6dH25rfOQPoam6rqVuFC_uoMGV9FDgfUaiiqZtWS_DKvdozoxoECOPONkFxO8IF5g9-ymwXrdGkc
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E704 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3700094749024771778&x=8&ct=76
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ff09f38e-abc9-416c-a01f-77e315b33106
beacon-ams3.rubiconproject.com/beacon/d/ Frame E704 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/ff09f38e-abc9-416c-a01f-77e315b33106?oo=0&accountId=25230&siteId=476778&zoneId=2832542&sizeId=2&e=6A1E40E384DA563BA2AE062039322CC11198A693BA2A263E57F8BF9DBB412BB5797EFE195011AEA4C9CDEF0DC9D3C056D4336ADFDC3ED570210C0E3110F528D91B8E39F90E09C5A8750406139900B36E39F19D2199021847E5AFB8E4A7A5F323F60E64A47C34B62F0CD61FEBD1630F168F199078511A7738017ED3946890B80C2605645952F601789092E7F38F1341781234C490285168BD8BD321E8D6E928F62022B85B5CF999B962C90F8168BC8AF545FA1EAE17BEE774E82A954C1004678A
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:00 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A580 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=90&slotname=RON_728x90_House&adk=3207061216&adf=4198790041&pi=t.ma~as.RON_728x90_House&w=728&lmt=1699633980&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699633975518&bpp=2327&bdt=1781&idt=5089&shv=r20231108&mjsv=m202311020101&ptt=5&saldr=sd&cookie=ID%3D844df475bb5eeae6%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_MYcLTca-AldOlRnbxNPEw1wJlqeQQ&gpic=UID%3D00000cbf89a7250f%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_Mbx_oj8txuoS4whmloLukh8SlDFiw&correlator=1920673714118&frm=23&ife=4&pv=2&ga_vid=233581687.1699633968&ga_sid=1699633981&ga_hid=2063222202&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=154&biw=1600&bih=1200&isw=728&ish=90&ifk=3442814441&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079408%2C44785295%2C44798934%2C44807464%2C31078297%2C44806141%2C44807763%2C44808149%2C44808285&oid=2&pvsid=4431859809604424&tmod=936028158&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.o62v4moigkqd&fsb=1&dtd=5110
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 16:33:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D4B 		0
21 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8274895450463&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D4B 		0
21 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8274895450463&version=m202309260101&ct=76&x=8&cor=3345948237545349600
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 9D4B 		93 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BuoS_h0sX9IZebakw35ybRLraoLlRjjpiBoJ9W-SPBppO9PphQVDfppKdc5B7S6DFsC-8KG-n1JgI5DrQyWFTeKKW1pmtb-s2zJybuwWRK608O_o4adNQypJNuQHZ1OiBgqJRGBpcrx5KlARBwtgtVYw5XCZ1znp8VT38VaWWupFiOmYU&dbm_d=AKAmf-BLRDx37ffEHx74033h_A67hmQldYApMQepDMeIvZy0BNgU9D6OFu638N6PuFvibAvsgX95eqQ288tbAN8waG8j0ptlSSGG-ZiW-mRI-qhCAjpLjreUXTlVX1xsyRRICRFkwt0rhhrlLk-DtIaF7gUo6cTfGWXi29xVSxzepEyIFPgx6IUqWnN9gphIpJbkSdTQ-9plZct60kjmzqfR5g3jVlnaJp4VYZCl3CsPPu8aH0QpX7KeYdTYADTV-zIh6-NBQVXhh2oc1TMwEsCMyAcjtop9f2_jP18Dar9pUL1K34oJGITH9ikOVU8P-_bmVD2g1cAnNVU7sGtooXL7sIctArbwlWX9icJ2b7w4j_ZzUnJGv0fzyfic_inzJKAxZJ4uOiJRCMrSxT4kJCW9QV_0vSUnuaDwbSeItXJyEV6TrJYNTNAtm0crJgZbLJHIByd_A1cpdtnhhisaOv9l_6ZfihhWxEAuCjTchb5hsI8LruVUc02xrWfVCeHT4RPps0x-cX1lBaGRNwTntjGZcV_B537boSK8qcepE06SYf5R5grpwOhPZHDEmdRcoA9ZX6lpw4vkTK6tMGzu_NKMXsdVcQrm4kgWUikpLbpc8KU3xoYi7wGS3UAcUh9dU4Pu0b5iUvg3BqSOgDm08jgRZ1c0g7iYXR4ZuiVFu1T7WV2aTZGUDXNbgt-BMyfTMtuS6Gy_ouKgnIDUDC5gAfx6k4dcBZqFJziuWvb5K25qMENW5ksmj-q3XcjJaQTUdzeXGHDjOcuT4oRPs50OfljB_SNE0jEcxfHti5VsGo5nEpvPcN1kBRySuYOpc1jOqlTTZvfZ3ZQjAyLGWNOxVVghdNhSRRXLtHDVf3w3oDF00R3-56wBzwAr4eLKY_Q-YLfTfs15b3ns0AxJYDXK3czuOvAuV-kdITUowR7ZPV-3TddRTUSQp24pxxCfnRmwQvIVtV6jLeuBB5Z5pqwmP1tca9mCTMpQwzC5I53cMwuS0s3RyAdLdCB5h1o7EWMkHTBbe-58g4SiftKPZ2UYkfVQlP-mVBLV1KiBieMvhni7nX4EFz0n8gihuFayR9Qm6EdwEBuO27UeG5lvVNBAnkx6CyM0WinMCuATVFP9JkyLO6ieSeOMRnGFWJ178Fc1DJuTozbyQ9SNBpO5QaFCN3WZKy2CDfa7BmXF1GJVJabsxzSOyS45xmj7b4tB6SMhgquY2w9rYWB_wiKxSzPKENLFPVhBMhUGIZvDKbn61YjAPKgsmmuPHu85mlV-66FcKJTlgWVwkip2hpJ155ROlLL2WTV7OxgYx72SzEnsdbm21mG6v7HILQHEQZfZBj4Kq6ALwKcrioAiC5pQVhSARxilP26mxIsY4KBcpSqqzC10yKj9JYl35geAd4wxy6QzOBJLVDt7ud4rpIWu6-lM7ZgMu-KtolKI5mzO3VqQ1jlxyUlN7UtydiuZp0gxDK1ChWKBC629ufawSbu_821SErq7em2TZHY0pL2vp66FPWZ6NFysE3X5pJwX6EV6otBYBywPcJbGKY41UL25cETrIn4qzdtQoDu4qZly4WGWXycEBPnUM3Xh9KJCTaWmCzY910lf2OdkXG5XeUHMxLaT5NcVtzgItD6a3up7ezfBbf77SmCRjNGmLpUdoTTxgohpXy4KWJdXj2pUzDzURNbFIgy2jOutEm86SI1e4HjbI5_Uhl4Xcrzc24BEIu_otvy_yxQs6S38dOFCFY-cIadcNDe3zZh607gF3htzmJzCQKuDy-HHaoAS2Ky0SuGFeoiyYDCUsSdbX0ykdjLYQoNCqIslq0oNxlrpinyi3R4ibKckyMDfMzA9PNHNxfZsH3qHeC-0bp1U4NknJ8gMEA9lt6dEQnNbRlcKfO_gizSOEXu65gS5BlvQN_1YRZymPz6dThDsTwAY1HJsJ2_aPfMkkLeEx1Cx6ve--FX5Phs1hCGphVQ3b_pVVB_c_pqjvzn9E-yZD-a3d35vGtOG4e3sKZo1U8g_L445L6Ek5FP-BJyuh6fOyUKm-Dx3KfP7CxGfK42Q7k7x3wVkAj795RtaNHn7lWdmbJBdDkPf76wbyVlmKVaYiI4HTgACs6792mpdBt1zWukIz0HdeTrwgiXtWwppyGlfu4YGrpc_0VinIwYnqAEPl5gFe4A2MP4UVS1-jpBZYs-onbk4um2gX0HSUA_PUKQxJOvrMc2q8ho804WOxitD7Ht_2h2I3lhHtj0dtP42vaQ1ru2ngfyWZsA9HrZZLLAFXR_yZKNn2Umf6zAGUyyoPw_sam_xzC6H904UeVQni_UZqQ2Euu1EQbiOE4omRYOFfPSmc3Yycds9oRl1HJHgWbAocAMoRK-5FN6DFrYy0lp1IYZr6G6aZmgaU1c0Lyp5JHT9cl7OOKe8lfPStZEtnahag_PnmmI2tl5QuPxTNmFjpzye7T2WTxywK6qhvWHz0XWcWqcvhDvHtaqyWjC7psBaPpYHPJ7IRS329j6bnrDg4iDQ7fbzVW1FUADYyThjqZNe_EwzNatk8KspaPn6GmZyGiD8d-Rj7Z_fPTCV7kBlT4vTi_lS51UQ7gx9gR1QePLZsVWqgBx1afrijcaaUqwAVopXBCI-7k62AE1O0Dn5-YnXYsN_OMyDr8FOubbvMs-3ilSfFPxJJcanbs2kRJYC6GmTXhFqWMQL-g3bv8S2Lqr3e-21At-0sOBriU7HKasXrWCX0q_xxjXOD-BHKiDnmszLuiYYnJ0RL35jzHzC0qQpzYTnkYwhSCinwMXuJJq5K4a8ILBOlS72MARxmJBp31CHST91Bc1hFht24fFSAnLx2fyHvkyqMU1TC-zuoh5-pcyZLSIm4ChhX5UlZEoYkty_DZfMWeGI6qSETyxFhHBfbR-C06ss0FPhcMxEWKQRMq_3bqCHanEbH04HuI7I6y_3nhdiKOjLWAw6WKRpK7qqtPvu5vx5WMsxQh96RLpZOuMIo1KCGsvecSwGTDz9RWxENFDCTuG4N-ehfpnsD3ouHCUF1yuUI2xHwFfooLt2Ald7LCantdycH6e56nCNJHpq9oLGtj7pIaB9wPlGf2aoIhn5t_rBiFZ1mZgpcIAFvjv8wIFjRyUSYeC2bbCWUzN-vLwb5TOjoTTwXTX8DHVcaaFzEdDXXwshFyJr3fbwEG1ma8ZMur6mi9G4aOiSzeYPLpJCIV3zC8bWQRT_63XqEjVf1T94zlY1CHHWgF9pXXOanU-s6RgJG_LXbE7vpnr5VGwWaxGG90JT4PhJb4jzcp5jFCOSPDK-tji0mL86jq3LuaP1B02RtJ2cwfAPJBGlxRDMqPOGYcmS-ri1DCi-0-afxkruYZSuEL6_2kC3L-qVHECnCsujCWRD2lDNk5Is4p7EB_S2thxz7KRpe8wCv_BP4IdxZZPsJew3gP33ShNxiNAyCZIrRKRPEP_jGiXJfOpZSalBigDbx-inOG-ZqwbzV1kxP7MFmAx3Qfv7IoeH-K_2Wc_Eb8nGYgqtnHpZ4Fk3ibyDOjNpHchVf9Jek6icdz_Nhq6QSazp-v0kn5muoo_8RNpKvI3sy1b3ORtWqVV4S-IulVI9X5gm6b47MzjMGuQ5_HU4TzN-hBNr2EGR8cA-UOILeOwU6SpBXFr-heKoCGHaQkUsZTHSvmn8yuL2nG30jkj_w7l7Huq5_f61s9mQz-vR-v46pqsoPGVEDxZwst41VjsI26OphHNHYudNmAhqtjPo7X5BcHy7skyIabfljJd1t4JylRFeaFbvrAgsWIfJA4MwHSxfScgkYau7dAc33539uMH9JVuEP9DlI7KM7HZIlIgd8YKS_XGMyIOxM_I-rW7hnqVvfFwtHGSvoeKF_E1o9NMv6YM0oOpeHmjHUOSBF_XaPDIqKoEWm5cozX9AppcZICC3_EXLGqSudgkhxUQcpb56AkARrTw9ZJhiqE_wJK4k4ag4wJETTQvJ6t0akcYU4TZriOXp&pr=8%3A2258C73E8AAAA152&cid=CAQSMgDICaaNRv2WMlxFTAZ-JMIPX_KpO4pm9dl5L7lVHGY1PcIgMIUOZQgHme2_NgfMRIyiGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ds=l&xdt=0&iif=1&cor=3345948237545349600&adk=3830210469&idt=130&cac=0&dtd=12
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a80524148ce6b6d34b7cd174760d9e5616ecb56e6fe2ffe90e18ac9fc0a6e87c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39413
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F963 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=90&slotname=RON_728x90_House&adk=3207061216&adf=4198791072&pi=t.ma~as.RON_728x90_House&w=728&lmt=1699633980&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699633976212&bpp=1736&bdt=2076&idt=4514&shv=r20231108&mjsv=m202311060101&ptt=5&saldr=sd&cookie=ID%3D844df475bb5eeae6%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_MYcLTca-AldOlRnbxNPEw1wJlqeQQ&gpic=UID%3D00000cbf89a7250f%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_Mbx_oj8txuoS4whmloLukh8SlDFiw&correlator=1920673714118&frm=23&ife=4&pv=1&ga_vid=233581687.1699633968&ga_sid=1699633981&ga_hid=1726719659&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=154&biw=1600&bih=1200&isw=728&ish=90&ifk=3502648046&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079402%2C42531705%2C44807464%2C31078301%2C31079474%2C42532361%2C44806141%2C44807763%2C44808149%2C44808285%2C31079474&oid=2&pvsid=3362637149359268&tmod=114575168&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.qv98arkg62hv&fsb=1&dtd=4535
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 16:33:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2FD2 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4243547ff2c879a868e967dd91b7c7b33d799a833e04230ffa7b2a9f287d3153

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
ads
googleads.g.doubleclick.net/pagead/ Frame B912 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=90&slotname=RON_728x90_House&adk=3207061216&adf=4198791691&pi=t.ma~as.RON_728x90_House&w=728&lmt=1699633980&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699633976374&bpp=2279&bdt=2115&idt=4466&shv=r20231108&mjsv=m202311060101&ptt=5&saldr=sd&cookie=ID%3D844df475bb5eeae6%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_MYcLTca-AldOlRnbxNPEw1wJlqeQQ&gpic=UID%3D00000cbf89a7250f%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_Mbx_oj8txuoS4whmloLukh8SlDFiw&correlator=1920673714118&frm=23&ife=4&pv=1&ga_vid=233581687.1699633968&ga_sid=1699633981&ga_hid=1491613026&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=154&biw=1600&bih=1200&isw=728&ish=90&ifk=2341572618&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44807461%2C31078297%2C31079474%2C44806141%2C44807763%2C44808149%2C44808285&oid=2&pvsid=2311475159034933&tmod=677826995&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.zdcmj3aujxvb&fsb=1&dtd=4476
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 16:33:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame B3AD 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Origin
https://www.ksl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 05:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38931
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 11 Nov 2023 05:44:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/elements/html/ Frame B3AD 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 18:22:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
79856
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 18:22:05 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/ Frame B3AD 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 18:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
79841
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11881
x-xss-protection
0
server
cafe
etag
5723174479369309319
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 18:22:20 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame B3AD 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 05:44:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
38930
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 05:44:11 GMT
usync.html
eus.rubiconproject.com/ Frame 5FDD 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 10 Nov 2023 16:33:01 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame B3AD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4CR0s1fgGVQK3CSlR7Cvo0B6Bx6L2XlTICLlHttG38DHYxPo7M753XKt_cS8Y_IPhrlHwesYj0k9wlYZmwcAav8t27ii82cjEujJrrTNX8sZq3e9CCigOnphrp5yADmGu-YmGTsm293TObvDHdqTPtOzcdp9b1zWmqXOVriQJPRysysYEDEm6eC2KOCaE2xntSEEhNu9Mu-pLLMo24Hp7WXwH7emTKRib_DmLgGxYiofg9ixDC0MxJokwQSpmgtsF4GJ4eoao_44sJGFYLbCYHWKsCzCNilPVBk3OQrh4NmzFl65dEb4rGYeNTid3U2fsAta1wA-YjMAKnxNMmP-vNJXj5BfSWN4hYMlL_bsCn7ZMBfw&sai=AMfl-YR2fsWCYycsQ5e93vBZmeybNhF9HHiF2RnnVD4KhpII9JBhS6EH_w7A2muIztCFwCBIMr_onIFp7shRoywLFeuJrrDt6n_NIgENL9xCkCcLkOpl1dodUTXuvly2f9k&sig=Cg0ArKJSzEMrjAR-9_tsEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 10 Nov 2023 16:33:01 GMT
truncated
/ Frame B3AD 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
989777634db26e3fbfb3eae03bb7b4bd260e2f47f4fbec21d1396dd21aa72ec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5CBD 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
120680
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wo%2B7pNozBJx92O2KhpHoLhDg4l9YCYAVz6NlysUrHANmS7VuEicPGibN53YLzrHb4OBXGkDhHYvoaJFMwvAWrmAxdCPDip5tWre7ewSGewxaISoLYh9rQp%2BV7BUjhblpz7xVT99hnq7ZeuuVhbAEW%2Ftu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
823fb1e20fd1906a-FRA
expires
Wed, 30 Oct 2024 16:33:01 GMT
animejs.js
static.criteo.net/animejs/ Frame 5CBD 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 04 Nov 2024 16:33:01 GMT
g_pbto
1x1.a-mo.net/hbx/ Frame 595E 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&ts=1699633981740&eid=338f338ffec6781e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.70.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-70-183.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:02 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
ads
securepubads.g.doubleclick.net/gampad/ Frame 595E 		332 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=917218608026602&correlator=2936629311423657&eid=31079443%2C31079519%2C31079522%2C31079523%2C31078015%2C31079527%2C676982996&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90b_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=12&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D844df475bb5eeae6%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_MYcLTca-AldOlRnbxNPEw1wJlqeQQ&gpic=UID%3D00000cbf89a7250f%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_Mbx_oj8txuoS4whmloLukh8SlDFiw&abxe=1&dt=1699633981756&lmt=1699633981&adxs=436&adys=154&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=7yjoim9m50qx&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&top=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&vis=1&psz=728x90&msz=728x90&fws=256&ohw=0&ea=0&psts=AOrYGsmxcHBSAa0gXLEGnwXs9zEgEBGo3IUaaE2EdrkJawfTsCSPQXKwTgIFATrkxM284oz7-LaA8JRnLLM0cTAKmmh2RHft%2CAOrYGskLYzTFHcDyPVKwfA9Kebc6-BBHvERF_PNErNdUw0pwXcF5cDAHXXLk1sMcSLDm8olVhSP0zYt1mpMzhPrGlXjqLhfR%2CAOrYGsn9XWW1irmeZPXRrPFP6898OikeDOR03MqrHJRoK7rmGA1Gc5QXFCp_qXQEVhFSglQX2lF2HTf_erO4aAPeBKMTizHwvT1B6W4%2CAOrYGsnASuV1Y9gu3Ttaur8Xlcm6Mvn7N4leesOU7Fu8ImYkvVqh5zzrxw1CWfmdP-or2ENfmEV3CqA6ikdsAmztVEFQDELb%2CAOrYGslEvIm1GYm59ugp7kIdOrphXGjjumWg5jJG2-Ejcn2GXJxg2mLDibe3xR6Jd9yRE-Zp3TwHmk2QVFicQm0-O1s6YAoi%2CAOrYGslsjNvs1j0MpO9thgO-TjF2fLzRq8I7XP0qzqyjooEbxGikL3yeM4xegg9ggRZNaaD45Vn5448_UEEEg2LQVx5yv-ae%2CAOrYGskgY2KyL0z3chmRH7B4xqy4OS2vzRGhkoKdKQocYnW1baQSSfKSmkrfW1_cWav2CHoPtl1RQmriL4ccA_wFW_XiX0WVEmjNER0%2CAOrYGskwWtRNXI4TO19OEDbINzj1CopcMBjhMsHpKTy4K8NKA4F-9gzcyh1VmrgU-JMpCDwXuCON2ZOh6FeNzsJ0kJcnlKnWHgnPl40&ga_vid=233581687.1699633968&ga_sid=1699633973&ga_hid=1249276230&ga_fc=true&dlt=1699633969881&idt=1901&prev_scp=Domain%3Dksl.com&adks=2587397766&frm=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d169a32f9735778725565b463845e84182ae86df4a264119ebc06e87c5e24582
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
150
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 595E 		0
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame 595E 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 595E 		0
0
prebid
ads.yieldmo.com/exchange/ Frame 595E 		0
0
c
prebid.a-mo.net/a/ Frame 595E 		0
0
translator
hbopenbid.pubmatic.com/ Frame 595E 		0
0
trinity.json
apex.go.sonobi.com/ Frame 595E 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame 595E 		0
0
bid
ap.lijit.com/rtb/ Frame 595E 		0
0
pbjs
htlb.casalemedia.com/openrtb/ Frame 595E 		0
0
unruly_prebid
targeting.unrulymedia.com/ Frame 595E 		0
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ksl.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.ksl.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 10 Nov 2023 16:33:01 GMT
g_pbto
1x1.a-mo.net/hbx/ Frame 595E 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&ts=1699633981804&eid=340674e58ad115fa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.70.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-70-183.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:02 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
ads
securepubads.g.doubleclick.net/gampad/ Frame 595E 		331 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=917218608026602&correlator=2813966172261933&eid=31079443%2C31079519%2C31079522%2C31079523%2C31078015%2C31079527%2C676982996&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=13&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D844df475bb5eeae6%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_MYcLTca-AldOlRnbxNPEw1wJlqeQQ&gpic=UID%3D00000cbf89a7250f%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_Mbx_oj8txuoS4whmloLukh8SlDFiw&abxe=1&dt=1699633981825&lmt=1699633981&adxs=436&adys=154&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=dpxejn9gvt8s&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&top=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&vis=1&psz=728x90&msz=728x90&fws=256&ohw=0&ea=0&psts=AOrYGslXvOnDh56NVpmdHPtm3FjyinbRCFsz4GzvTB9FiudePqNP2oE8An0v3rNnshGs7fEMJe7J_VM1n55zOAmx4iaGloSh%2CAOrYGskLYzTFHcDyPVKwfA9Kebc6-BBHvERF_PNErNdUw0pwXcF5cDAHXXLk1sMcSLDm8olVhSP0zYt1mpMzhPrGlXjqLhfR%2CAOrYGsn9XWW1irmeZPXRrPFP6898OikeDOR03MqrHJRoK7rmGA1Gc5QXFCp_qXQEVhFSglQX2lF2HTf_erO4aAPeBKMTizHwvT1B6W4%2CAOrYGsnASuV1Y9gu3Ttaur8Xlcm6Mvn7N4leesOU7Fu8ImYkvVqh5zzrxw1CWfmdP-or2ENfmEV3CqA6ikdsAmztVEFQDELb%2CAOrYGslEvIm1GYm59ugp7kIdOrphXGjjumWg5jJG2-Ejcn2GXJxg2mLDibe3xR6Jd9yRE-Zp3TwHmk2QVFicQm0-O1s6YAoi%2CAOrYGslsjNvs1j0MpO9thgO-TjF2fLzRq8I7XP0qzqyjooEbxGikL3yeM4xegg9ggRZNaaD45Vn5448_UEEEg2LQVx5yv-ae%2CAOrYGskgY2KyL0z3chmRH7B4xqy4OS2vzRGhkoKdKQocYnW1baQSSfKSmkrfW1_cWav2CHoPtl1RQmriL4ccA_wFW_XiX0WVEmjNER0%2CAOrYGskwWtRNXI4TO19OEDbINzj1CopcMBjhMsHpKTy4K8NKA4F-9gzcyh1VmrgU-JMpCDwXuCON2ZOh6FeNzsJ0kJcnlKnWHgnPl40&ga_vid=233581687.1699633968&ga_sid=1699633973&ga_hid=1249276230&ga_fc=true&dlt=1699633969881&idt=1901&prev_scp=Domain%3Dksl.com&adks=1332890142&frm=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36c2ce3c5fe8f87612b9a8e16716b42ca98f769ae99c2a8ace1a2a1522049f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
150
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 5CBD 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 02 Oct 2018 14:57:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bb38755-b778"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 04 Nov 2024 16:33:01 GMT
0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 5CBD 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 02 Oct 2018 14:57:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bb38755-97a8"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 04 Nov 2024 16:33:01 GMT
partner
sync.search.spotxchange.com/ Frame B1F8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELxjf505YBXpKM9eEw1C9_A&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame B1F8 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame B1F8 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRCls6mZBBjhiZLwATAB&v=APEucNXRmff6qLoY80dZn04TXjc5lHo3H68ASY5sI_FIwsDgHZUXeVN8Ue7Fa7EWu9h9YcocUAjiN-T8_g3jyI2KfBsXAZfUfoCxWw3CsmYSSRoC_WwqDg31Ceppx7heY5u-CNfe5gKNJWtuP19gOFCFVlUz8Cmr8MFc67T8o8WJv2DCDA_ZDt0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 4F42 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Origin
https://www.ksl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 05:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 11 Nov 2023 05:44:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/elements/html/ Frame 4F42 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 18:22:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
79857
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 18:22:05 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/ Frame 4F42 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 18:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
79842
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11881
x-xss-protection
0
server
cafe
etag
5723174479369309319
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 18:22:20 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 4F42 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 05:44:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
38931
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 05:44:11 GMT
usync.html
eus.rubiconproject.com/ Frame CC8C 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 10 Nov 2023 16:33:02 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 4F42 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvI8LcQCdqPBcAui9l1KfvaiTABY3xFFWl0JsZDyXVAdscGVhAh-6qjNs8XJZLYmWOKbH6kdDbKgewHYB1hXj22HTrSd_D-KfNyGvQxXKM8UGwsDY9uaO1n9SMEzs4XjG0d5zO3gCQ7epLMzrVQngexqxBu9CrzQXtSAxvzmXHhnF882iZFGqoQJFRvDSxG92D2UB5GZ5gqBwlSLFJsH4wBwJ0JT_uJun67JYJ7gzJptvZ6LdqQUG39lyPQ1KJIhpFcIrKNSX6fUjgDI2TXKI3zPYQk7Tx4WvQQvLWvpc0u24bRAEcLwVeeexOL_NIkJoIACyHThluOla70DqT4DMisfqbLsFm3VR7YVlHUlBO-_TnonIU&sai=AMfl-YQ66Wc81lXJf_6S__2Kr66FWDvNwi-mO1c5Swj8j7b4pNvk8CWP-EkxPJvaSWNYdvwDR0JXAqGR0N1IHez9hnN-1T1RwKXaoTW-8bWxPMBf9s-xlB2SxVCZw57qN9w&sig=Cg0ArKJSzHDOhv7BMrE7EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 10 Nov 2023 16:33:02 GMT
truncated
/ Frame 4F42 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
37d4ded8f64e33ceae037d83ccb9660f094602571b84fa618feaf017af85f038

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 0429 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Origin
https://www.ksl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 05:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38933
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 11 Nov 2023 05:44:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/elements/html/ Frame 0429 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 18:22:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
79858
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 18:22:05 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/ Frame 0429 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 18:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
79843
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11881
x-xss-protection
0
server
cafe
etag
5723174479369309319
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 18:22:20 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 0429 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 05:44:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
38932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 05:44:11 GMT
usync.html
eus.rubiconproject.com/ Frame ABFD 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 10 Nov 2023 16:33:03 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 0429 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupNnkcwM-HcRKG1I3hoOeUZe_XMFGU05Vwopf4M6UdFF4JkXVfXymkVmIXBQ9RrOoNzMmBEWSDVfvZm9b2K-ktWDVkGB31sU66e4vowNSXpA3TMBoLDrmoH51KMNDts1-f4ImgV8s5lnw1Rz8DbMmbdJQm-eJ4HVlvNLA8SqDq4VU_mZKeYPYTw83ul8gh5QkFsoL4Z4sjFutM3nERzHNL2UFhqaXdjDmc429x3U9qRQ0JMCZOtSN6BGFqweu1aHyi7mIFUD3iBizVG2YQ15ZFD9YNkKxd0KdaF0y8ogLsTXuoXfzb72hy7ClwORSmHXwrL1i_feOFHZH9I9NcByYwJqG2OPbG8pbjI6sJbIjeSXgDNe0&sai=AMfl-YQe0KhAgFzvhlBwG8FlwnDC6QWCMo6cXdVgG0GL9qIQEZ5dLMFWARqzZ2w6224soTbe_qMOHb5a6KX1qXZwo6FfyRxl49HwSD5SE2lh9vS3dL2QMLXPhu1RneBt5nc&sig=Cg0ArKJSzDYBrrQyK0QKEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 10 Nov 2023 16:33:03 GMT
truncated
/ Frame 0429 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
966dd0227f4d7cc7b0ec05dab35e82535e52beef35ab383078a60ec735c287e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame 5FDD 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9508013aa8cb5143b32e62558f116c06a909d285eace78f4fe2b0a1f3e84fb83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Fri, 10 Nov 2023 16:33:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Nov 2023 04:29:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42867
Connection
keep-alive
Content-Length
13280
Expires
Sat, 11 Nov 2023 04:27:30 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F1344%2F230413%2Fc53e5f9a71444a36ae4d74a664fc7269_logo_n_horizontal_4.png&v=3&w=256&rid=4&s=RE8HtntDWgFsbLmr7bP8raTD
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
82ebdecb03d2e4a25b910ac00ac28d93382f14f88bff3d0f36b0f9bbdf46fc22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
5337
expires
Sun, 13 Oct 2024 03:35:25 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F5026695%2Fda39fa951a3b472e81e4d9a7afddef5b_img_horizontal_3.jpg&v=3&w=1200&rid=4&s=IonQ0Rz4GxdUOn3snvG4mxnz
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ad54e385f13d99fe91efd355a8f361d597708094574152daaec737852989aef8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
49616
expires
Mon, 07 Oct 2024 08:40:30 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1536906164%2F18140036-zsccCqEI.jpg&v=3&w=400&rid=4&s=-lbqDDNTQmwzlhADyjRz-G3J&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9a3c0dea79451f14a44c5a391a08f048af08e1e77d5b9caf1ea343d5d850291d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
8922
expires
Thu, 16 Nov 2023 18:38:13 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1695026754%2F23080687-JcwiXf48.jpg&v=3&w=400&rid=4&s=jDGLi97kEs_W-WBKJdW1OX_H&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aa95d7c4057f2034487f58c9f4c64bc5fe563a488465299220a92da47dcfa709
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
68088
expires
Fri, 17 Nov 2023 07:07:16 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1623395397%2F21133182-sdlfOUnM.jpg&v=3&w=400&rid=4&s=SAXaJ3LQXb-aVlCF34BAd7v-&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9189b2c779e847ab5747c2a567990838435689f0abe79a0ea79c3690f3e7b062
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
12440
expires
Thu, 16 Nov 2023 18:44:23 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1677715639%2F23019844-lv1Jwcbo.jpg&v=3&w=400&rid=4&s=I96PRIxV1_xFIXtyazzh5QKC&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e031db33bec205e6458ed3b0f46e468f216493f77be9e359715b66df69f422fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
7764
expires
Fri, 17 Nov 2023 13:44:23 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1631261073%2F21131370-sy1cMEdN.jpg&v=3&w=400&rid=4&s=dWGofL69-kr6XWXmBzWpfqeS&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7be38ea67453b90444c7bf8ce2b7d3ebebb829fbfcb469ab6a59248ad3272f7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
8172
expires
Thu, 16 Nov 2023 18:23:45 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1548068400%2F18376568-p933E2Jd.jpg&v=3&w=400&rid=4&s=nJrCxS4kuC6vyQL_uhshYl86&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bbddcbf460676fae0e87a694e6282f74b19bcecbbbf1a9b655d28ea249e32f07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
12144
expires
Sat, 11 Nov 2023 07:07:59 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1674569293%2F22273893-xFVeBECB.jpg&v=3&w=400&rid=4&s=qCAm6q7-zjm6zidPwbrMnhUg&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
73cf3800e65a9afd21982a424d76a307c5a0a397c863df438d3d6b6c827663ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
19586
expires
Fri, 17 Nov 2023 13:39:19 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1663167346%2F22190927-LDWALrW1.jpg&v=3&w=400&rid=4&s=5R8Xsv0nS_gGs5XIoUqaWcZm&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
406cb9d8b78a968f2df0ee2709c42c3fe3baf4a0394e9f37c4ca0ad2ef5cb21c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
9782
expires
Thu, 16 Nov 2023 05:42:47 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1630303325%2F21207501-KFhDXQdA.jpg&v=3&w=400&rid=4&s=iMQtr7dc5A6u2r1jNN9UzZd8&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
283b284e31974e34ae4ec9bccb973d942fd6dd1e50f4999f40d02a6e6ae14353
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
12236
expires
Fri, 17 Nov 2023 13:24:39 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1689059774%2F23081348-5eiTKsFx.jpg&v=3&w=400&rid=4&s=_QQkYlS7rW2MO9Sv5K-7Yfoq&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
59ff38445b0eadd329b3e7097f2bbf8f0b946312cc396ba22ac0e0cc00741140
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
24252
expires
Thu, 16 Nov 2023 18:37:00 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1663167980%2F22190574-waRrmZ0i.jpg&v=3&w=400&rid=4&s=PLB8KLTDkvNh8VdJ8LW8sf30&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bf1cab3f199709f97990ae519a2f52f44461139795d15ca36378ddae582b4589
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
10558
expires
Tue, 14 Nov 2023 06:54:15 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1687521803%2F23112535-bhfLKKIL.jpg&v=3&w=400&rid=4&s=iFeZ0uDI0tiWnhdDap0VYcuh&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bc2e4399311edfde354d0e521aa53632a10745e1602c22197ba269fe7825de18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
17112
expires
Fri, 10 Nov 2023 19:17:43 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1669449702%2F22254784-the1f7o0.jpg&v=3&w=400&rid=4&s=iBcW4351lYZiQksUPVK5eAPZ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
df63a1696cdcca3ea276a39192c3e03b5b5f6f021e943a0111488fd2750e2302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
10990
expires
Sat, 11 Nov 2023 11:22:08 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1663169782%2F22192571-OBGTillc.jpg&v=3&w=400&rid=4&s=SGKf50Hb_CkMj3-sDAKnpKw4&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8336063afa451bb87a1caa09f93c34755f7c9ece5c22513eb3cc40094461585b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
9596
expires
Tue, 14 Nov 2023 08:43:41 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1527761914%2F18143552-Cfd0ZzRz.jpg&v=3&w=400&rid=4&s=ZaBVkMXNL5eo4f4J4tb-39na&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a9eb2486888ff6a00ba3d89f51de2f5b4f7d81d4c0f44efef65c9c612f8d6853
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
9006
expires
Fri, 17 Nov 2023 13:12:52 GMT
all
csm.eu.criteo.net/ Frame 5CBD 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=b5Q5J_0noQbn4PSlTIkybjjmezmOfqP_WrqVowuSIIylfLHd99w9dCkvW-93yDsqpt6C22nNMAcFivyxWw90St7ZimIltxa627ZnDKZhtf4qHmuytKSgd6Uy7FGXj8TG2G5p9imL6_fUI6JxUxy-3Q8N8xwqk6tkV1nlXJC4XVIU6A_R8XOq3uvcrhw71dR4bXoe8C_atVjN_C0MiI6o82Nd3DABDFLZKL8zddST1Nsl_rQCfKjvp88tQkp3VD0HD9Qjxg&sds=2&rev=89278&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 10 Nov 2023 16:33:02 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5CBD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 04 Nov 2024 16:33:03 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 5CBD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 04 Nov 2024 16:33:03 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 952C 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Origin
https://www.ksl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 05:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38934
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 11 Nov 2023 05:44:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/elements/html/ Frame 952C 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 18:22:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
79859
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 18:22:05 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/ Frame 952C 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 18:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
79844
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11881
x-xss-protection
0
server
cafe
etag
5723174479369309319
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 18:22:20 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 952C 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 05:44:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
38933
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 05:44:11 GMT
usync.html
eus.rubiconproject.com/ Frame 9576 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 10 Nov 2023 16:33:04 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 952C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPtH4A6A638tA9xzknvDea6Ak2QYYZ1FMKAEnW1BWgoYdv3NZz8JLc9xlYTYNP0psWbsFns1_FHxSfrhzPJ7Cm9kkH2ADOfx0wcX1klHTo_A-nIWGxVLZzpa1jZpi69UYIZonVkOnppALyh8SGIVNnVEws5kCTv3fGYoUBI7b1hXtdopVm2KBv6nGpf-adE2AgMItVrbVeBNBtVjWnkuecySyWXnKgixAEIFNwtI-kA5u24ZqgFQouRaWofa50u1sI-SOlVFKMWhbSjKYl3b9QoxUi1U8NzOPze6CVHWNzUIW7GwEGilCyNtlziy3008Py_PulJuzJogzuISWU4g&sai=AMfl-YTiT9ettOLtHRPR4ZDNRXmlPq3maVHDxIG0KerBWJBeBvCaZD8UrdIJ-0_xmxEDOYaQ-mDUigngUTCb7ttCNoy27ZMwBs-u2ThoiU5GAle6Zwe2m3sPc_jFAAN_ENw&sig=Cg0ArKJSzEEeuW0ZEBbDEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 10 Nov 2023 16:33:04 GMT
truncated
/ Frame 952C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce7e8cc0b57736b3f9d10828c5f7c6e2744c8fed759860b1c49fe322dd7de0a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 2FD2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoG4QAiyO6TVUprRx8XOmCdk1TUQGedkCq417bcDIosh8eY6eLxuiZNV1fM30cUoT7_wDiAni60MckBSzzVH7WEBP7MnUVQSeDrhXFUYMsMBN3sW-9&sig=Cg0ArKJSzI3CxDNBt9SdEAE&id=lidar2&mcvt=3264&p=0,0,90,728&mtos=3264,3264,3264,3264,3264&tos=3264,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4283511922&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699633974615&rpt=6207&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=14
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E704 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2402554832562&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E704 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2402554832562&version=m202309260101&ct=76&x=8&cor=3700094749024771600
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E704 		93 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dh5yR8b5Uvyuo0BkSPJoWwA_DxHDnz_9bCXaEhErjW50j8dGPUn0pLhAnGMDdwl_n6SrSKDLndVoqU6ADtqZ5LT_d7-ZxmOs0mTqAAVwJPeQ4hC-43kpSteyAnIeM0QJBI2W5PlCOXBlm63dPtWEFKOiqqCIT0HgAxKt1l3xHOott-PgQ&dbm_d=AKAmf-DgMYydSPMyzwjdRppzDXH7ZZiJP7PEpf4FFoXtVttrUsi13TDbInsYGCm06tMd_-ayiydHFXs34z6HOKJvYBdCI-IpYDMO9PRpYMgysBYyMK62khDg5jwz6g_WHqg7JUb0pCA99DrQPTSWAC1VlQygUYMKDU-EH-ZKP5QejR8W6v8B8RJT-VDF4EhQs8AjNhisnLsofxAh5cTnG6S8FWCp4Qjm-EavZvBY8l7cg3G3TbmMx5SyOS33g8Ga4JHlbPdXnrOhQHQ7v9niRfBpiQWZ7T-wUPSRSCnatR4qFBtqGaoiDV099QliXMobMov3vzh5Pg_uXaNJmhfgSbFhA7JSTl-TbywbQPllHFyZqw6fUTk5SEoWenh9Rc6p-RDb2KEO28m07YR0XFD2xOWmZrVpkLlJZfnB9ZkRLSD47OgAWp3gExaI9FbS--g5xzGyKraW3H58DHtS7o_NNKzeY_7_kKTg4Oug56CJfghc5POqy1ehDZy3DGSN7mFBZhrwNyiT2gkeleOiBA-c3V_6ISGxIZI5rkt2vXpDEX4c-lH3TKv3Kr2WBZbi3FCaqUj52QLD_xiIOD6Ej06kYYYaTo7h_bLTS07AX3LYbxrHqFnRE8-CGYFU__KdgZ4uSZ_EZVtoOsovPa1PDfSpiw5t8WLDEDWw91QsGLs8dhf_EESuIveCxIetadePUrkp0gQpc9lvFpVdadCoUIScJ0Ddphdvap6A6Zf5Gc2Nn0v5OfGcXHCVvs-gje29nlPQdAvcL50aTpgsZVsekFDOCLTHuE_yRLsx5-p-wvs6CaOE-UPDskhpe5KXBJlh-alz_xOVk_mnRyD9AWrGbUm95mjw0sQg3lret4S2heWphA1HWxHsXbpNx7gKQgd5-1ojaBHSKCCek0WWEl5v0SvvZ_WHcoblasdtRQND8p4a4Wi_qSHRazytPvc1PvF3JLKXjksG96git168ICO38tyNkyIl02pHsoHih_E_mwr3myYT2LMI01w-fLuOOe_1A1w7EL6OPNaFRaaRsyyLwCWXKX1f7id-f1P2cwOE6n3ROGwkj7AWP7NNWONgedD8My2oSSRkBbfyRhxRAlVASay3a_uLY6FXuXKmcsKMYD974hbAPCVzdd5uPGeaPcJv1GO0-W75-7QyRDxRwqnxrvfBT1G4fLRfTeaGktOfziSR0GK_fN55YfWjZHdeJApEAtFQg-PVUoroF9uyX-0Xduzk3lbpGusuMg0QowV6ZuRb_VAUgZaGL8aofrzvkalixoCqk7unq_b2U5LTTkJzaSTzFR42EpholiwI_6LvCcJPe0K1OPaqo6DVQqZwHIJwi5IVzPc91LRGrvoBcu27R9M0r0DvQVzD9rGgKrHJtmEieKpdL65PtV9d9jipH-IJi1Xb_tIr9DjImS32JWsXZaRqk1SJQxtBE4Wj01GGFl7XmLdorktazJ77fFsHyHqoIV629r3KhZP1ZOdckzPNiEN6LDb0fg_4yx4Sjl5gTHnQyvfg1Y_VkBsvtUa-W-z8aNxuiWW_ZBFWUwP8PSFrSTK9y23ZuHTarEEGmACIbk-dAQUlfzk1PvgFvocdbq9jf460KmTL3bsO3n4_IfyZtc3EGz8t7ihTdxh7OE8zrkao12lTe7douSMPUHCGNxoNTOZS56zfnvnMUNRLgFws_iLK0RARIdSCESYQI4tska-5QIL2VZRbQV8lr4U7Ej97F9Axol78E67fUBCBQ0IlUoOXhOafpt_inOWz7D5sPJNP_YlFZCoxQPbKDQcHCPu_RsU2hX4LmGy_diLMpysuW8SUZFHekeIMJph0V8v9OQfpz_1G_g8WoCoT3ry7rwhabR8l7RWBjXbQ-8qnUQEHvKPlYmB4Isk9e51ucOZsI9wITrSFLYO7XumlWEnlYbbxjhX-mm1lVBtvA1mcDorgd3Qk5oNSQ5UJikPqHbXzxGXckWyuayGbmk_2mrDvdWjenz1ywYL4Uq8Ln4WaYlH5-Z63Sr-nrED0NC7RLxcFMVV3687jCK3QCxiwLXRWeCK-d7y-Cqeh4lDbcFRNkr_yTr47dYuTfCHaigj79NZIKufTnMPxNwKZviuzO1AP3verqLA1NaHdduUbf2xuor0wYt9uvIg6aCHKhZJzc3kmZV2TP4s6cztp9Bu7F-xbt02oT73Qp2qOtkaeFyKoHeAXd_eb-ag_vlJ44vmLAwbFLoblgiFLEbVpgUgF8VedzfLtLIFQ1xkQAGyYyrNJ52U1pKmBdSoytIjSX3CR6E2JiwqXngm9HgvntAKup_nXHQJc7sOh_xCuXqQw7UV8RpX29d-GBj8EphBXiH5QxQYzQm0Dq8-cBsbwpyK3RS_AYxiSdK9mUXYQJugO4bBoFbDGt_AWea9n0i6HEIql3ep0rh1iUD2ZHIQeVj-39Gs6_Zwcv3GBu2xX1enzzgjetvuGcogjqlEBa5yZF0ZGAbPmp0UaiIb4VyFkaOwdkbyD-ZlXVUXnb75x1vXXmTzcvE7UofU7erN8aUH009x1ywkPgidVdNaRw0UPMh71chB_CIcsmdRd1_CbLOtR40YriRRHQo6pcbujJvT_qHC8rLNflTYz6VhbETkmT7YsV3HZMbnV1MWBSyB0ruhmuMP5JrwFAoeyfczfvCciBfmu9yUE70676n1Md59EpMzRBPqq6-qylSLtFXgZNzYuBK_nhiBcL0celyeB_Z_2njPLZMOPLqgVpOwglq78licuYpBMB8vry6Gh8_2wvmEJGIfBTn3Y7YV13yJnnlI48Ose5m7ULMoe4ooDE5760ErOGhq10-LBj6Rb4yatLFhAiWg5D_4XEMDkX4xBuMlqoJRDJuz5_Za_0NRXbGr7d3tN_0W6IrkxQEMAX-LmVKZXZtuQejvWK14Ar3u7spo6fgKXU3ssyRI3ijM0D4txME9GfB1oKrSRPHi2bQJIWMZD65xXHFTk36dk3KuqPKmI7URgPbXX4qkHshWe0CTkKJyd-7jXX9clSIYdhqrIAFns7mj7vmOn8OScWTZR96xA8FKgDnBrp--vpCCQ9Qh0qE2DMI09oX69Wl8htatWcRxnoVLA1a4d-1cGw9EdLAs9KDj2inCiljjPBxs3vWmMN2lXY2ZaPfGcy6BHEbkBZs4appQRBwkMC72StpQtEPQ-f8X1J-H5Cl77PDLjlj9lY6CP9I0Pk5Mlo_0E3vbk4rYgU-KXNNGKBWJaVKSgsia7Peysx9V6UsqjqJ6GqopATKEUdtMD9Hpe90MlyK6P4mWYGcwTCv8xUUjcCwIJO9rmEDEsNTe3o48jVdsh5UBcL9R76Z_dc5ckW_QZvrdOlOzJwWYvdrLYqt5umC7alX_8GL9NsmryJykU-J-fjPXE3U-k7So6KEdO_JvDUbadkkfSdkq4J0viepOjRnhJBlU-mKrJibjKuLo1AWdsHxM1xlTtLzeYmFArwsPTBhPtIeWEwhBU6pQAL5VbfOeW-3ZuuSR--ubffdhEM0bLpABPFqYRPgw_JJRrwrg2Qlk5XhWinpQpCwYkYCFfRCjDbiO8t0X4W3zoSPOV7vmcKdl4V-q7oEWedDKMDS4yI6yRnVJyQP9a-hjwQqjuDyUMG0qHQf-1ZFxZvyYA2dAs07rC1HGTIAGQQEGtAk_YUeKcycE-2H4_Zy4Op66JacBksCAMZ0JMlppmf_Xw6Hrf6Sx1BVJH4a2X-LTg_EqSqUX5WEqGxYSzRis7u-yku7o5xmsme-xj3bf5a5j9MK6vYoMf4cXtMzyck1fvPaR74eS0SIfFlcr-kh7i8sPTMc0XjoQI9BzKh3LWO8h7zrWbRJSe-rAEPCOfkhS02eOhlGOQXn9uAV5jST97HAwpSWDSoa950W8mek0KVBmfK1gAXqYy_a_A3ZVuWpFvDCa7TVoEpZwyJ0rWU4jHgBD_EcucSIcOiM1PQQqxRyZNy7nFdT76UaupLpMCuL035Nn-Ml5WT4NSiAOQ&pr=8%3A2258C73E8AAAA152&cid=CAQSMgDICaaNy8cAc8d_yn4efP4PpQmMoQrR9bz_LTCfCB5zMhqRaqt53ljlctk6-etVPwfSGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ds=l&xdt=0&iif=1&cor=3700094749024771600&adk=3143496071&idt=126&cac=0&dtd=33
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30b1dd9c4b0f94848b8397ff2100a82510576c70c3db0680a167c4e4f57d541f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39605
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
g_pbto
1x1.a-mo.net/hbx/ Frame 595E 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&ts=1699633984175&eid=341651d640ec1171
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.70.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-70-183.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:04 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
ads
securepubads.g.doubleclick.net/gampad/ Frame 595E 		332 B
184 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=917218608026602&correlator=1111144173808048&eid=31079443%2C31079519%2C31079522%2C31079523%2C31078015%2C31079527%2C676982996&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90c_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=14&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D844df475bb5eeae6%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_MYcLTca-AldOlRnbxNPEw1wJlqeQQ&gpic=UID%3D00000cbf89a7250f%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_Mbx_oj8txuoS4whmloLukh8SlDFiw&abxe=1&dt=1699633984179&lmt=1699633984&adxs=436&adys=154&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=jwk8gy4rdluf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&top=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&vis=1&psz=728x90&msz=728x90&fws=256&ohw=0&ea=0&psts=AOrYGsmxcHBSAa0gXLEGnwXs9zEgEBGo3IUaaE2EdrkJawfTsCSPQXKwTgIFATrkxM284oz7-LaA8JRnLLM0cTAKmmh2RHft%2CAOrYGslXvOnDh56NVpmdHPtm3FjyinbRCFsz4GzvTB9FiudePqNP2oE8An0v3rNnshGs7fEMJe7J_VM1n55zOAmx4iaGloSh%2CAOrYGsn9XWW1irmeZPXRrPFP6898OikeDOR03MqrHJRoK7rmGA1Gc5QXFCp_qXQEVhFSglQX2lF2HTf_erO4aAPeBKMTizHwvT1B6W4%2CAOrYGsnASuV1Y9gu3Ttaur8Xlcm6Mvn7N4leesOU7Fu8ImYkvVqh5zzrxw1CWfmdP-or2ENfmEV3CqA6ikdsAmztVEFQDELb%2CAOrYGslEvIm1GYm59ugp7kIdOrphXGjjumWg5jJG2-Ejcn2GXJxg2mLDibe3xR6Jd9yRE-Zp3TwHmk2QVFicQm0-O1s6YAoi%2CAOrYGslsjNvs1j0MpO9thgO-TjF2fLzRq8I7XP0qzqyjooEbxGikL3yeM4xegg9ggRZNaaD45Vn5448_UEEEg2LQVx5yv-ae%2CAOrYGskgY2KyL0z3chmRH7B4xqy4OS2vzRGhkoKdKQocYnW1baQSSfKSmkrfW1_cWav2CHoPtl1RQmriL4ccA_wFW_XiX0WVEmjNER0%2CAOrYGskwWtRNXI4TO19OEDbINzj1CopcMBjhMsHpKTy4K8NKA4F-9gzcyh1VmrgU-JMpCDwXuCON2ZOh6FeNzsJ0kJcnlKnWHgnPl40&ga_vid=233581687.1699633968&ga_sid=1699633973&ga_hid=1249276230&ga_fc=true&dlt=1699633969881&idt=1901&prev_scp=Domain%3Dksl.com&adks=658150668&frm=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5b86a09e416e39340678461936df79efa5c34210bc9bde0878e7fad5d31b556
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame CC8C 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9508013aa8cb5143b32e62558f116c06a909d285eace78f4fe2b0a1f3e84fb83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Fri, 10 Nov 2023 16:33:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Nov 2023 04:29:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42866
Connection
keep-alive
Content-Length
13280
Expires
Sat, 11 Nov 2023 04:27:30 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 9D4B 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Origin
https://www.ksl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 05:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38934
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 11 Nov 2023 05:44:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/elements/html/ Frame 9D4B 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 18:22:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
79859
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 18:22:05 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/ Frame 9D4B 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 18:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
79845
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11881
x-xss-protection
0
server
cafe
etag
5723174479369309319
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 18:22:20 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 9D4B 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 05:44:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
38934
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 05:44:11 GMT
usync.html
eus.rubiconproject.com/ Frame 45E8 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 10 Nov 2023 16:33:05 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 9D4B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssT7WcOqz4ACC1FB0UOB7BtOyEpWerJLKVt016d0yTz_wGTK3fgn8mmh0bN7Xh698Pi0a6_FIm24U01elMuV-bUIIx_p4f_hztHoEY7Ex_3QWorAV3gQ-KKlkNiM2oZNOdR1v9zARLCYuq4c8oRdEs3Y6XV1k4OZYPJ8cZMj8OFj2yXSqYERgRqnY3lMuIEyiSjxOyC5jfoS1PCmhw5ksqwmzSKCP0niMLB5GQnoadIszlPjl9_wHM9c_TBCGtmXmMPySoI1PTNA8UTDHLcuuCppwbsLeLBD6dH_xECLNiHKyP-PWcrBBtNOrSne6uqjjbr8xSCbp_xBHNIdvnC9g&sai=AMfl-YQI2bxZhzs1beQGsoXrj_q6kZNM7CGTobN0xhuVYbAR_gtg6iFh_lFXAOrTXIXw5hePDylJn3tA8gHcR6e2yeYxjffsbFGMIk56Fq_jyMg6QuwWe_SoA7iJtN4TlSc&sig=Cg0ArKJSzFcvedWlpV4FEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 10 Nov 2023 16:33:05 GMT
truncated
/ Frame 9D4B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72ea9d7aa328355120e12223f236710f9c1ce2d32109e99aab08d6d2a3534f1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame B3AD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTjdseE-tVcfhKk9jT_AJkgHpyfn_vX2sjVGHQOYjxMWzfiOHfa_uE45fDorDifeBVI0QQ_3HbrB4fXYJI9RkNTFlmDdsQx1oGYNpG2efs67FnejOMVN-cVgthlD6D_W4UKul0dOpZmg&sig=Cg0ArKJSzKRREE13zVqBEAE&id=lidar2&mcvt=3371&p=154,436,244,1164&mtos=3371,3371,3371,3371,3371&tos=3371,0,0,0,0&v=20231106&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3085048810&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699633974711&rpt=6978&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=14
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame ABFD 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9508013aa8cb5143b32e62558f116c06a909d285eace78f4fe2b0a1f3e84fb83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Fri, 10 Nov 2023 16:33:05 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Nov 2023 04:29:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42865
Connection
keep-alive
Content-Length
13280
Expires
Sat, 11 Nov 2023 04:27:30 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1536906164%2F18140036-zsccCqEI.jpg&v=3&w=400&rid=4&s=-lbqDDNTQmwzlhADyjRz-G3J&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9a3c0dea79451f14a44c5a391a08f048af08e1e77d5b9caf1ea343d5d850291d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
8922
expires
Thu, 16 Nov 2023 18:38:13 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F1344%2F230413%2Fc53e5f9a71444a36ae4d74a664fc7269_logo_n_horizontal_4.png&v=3&w=256&rid=4&s=RE8HtntDWgFsbLmr7bP8raTD
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
82ebdecb03d2e4a25b910ac00ac28d93382f14f88bff3d0f36b0f9bbdf46fc22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
5337
expires
Sun, 13 Oct 2024 03:35:25 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1623395397%2F21133182-sdlfOUnM.jpg&v=3&w=400&rid=4&s=SAXaJ3LQXb-aVlCF34BAd7v-&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9189b2c779e847ab5747c2a567990838435689f0abe79a0ea79c3690f3e7b062
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
12440
expires
Thu, 16 Nov 2023 18:44:23 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1695026754%2F23080687-JcwiXf48.jpg&v=3&w=400&rid=4&s=jDGLi97kEs_W-WBKJdW1OX_H&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aa95d7c4057f2034487f58c9f4c64bc5fe563a488465299220a92da47dcfa709
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:05 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
68088
expires
Fri, 17 Nov 2023 07:07:16 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1677715639%2F23019844-lv1Jwcbo.jpg&v=3&w=400&rid=4&s=I96PRIxV1_xFIXtyazzh5QKC&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e031db33bec205e6458ed3b0f46e468f216493f77be9e359715b66df69f422fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
7764
expires
Fri, 17 Nov 2023 13:44:23 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F5026695%2Fda39fa951a3b472e81e4d9a7afddef5b_img_horizontal_3.jpg&v=3&w=1200&rid=4&s=IonQ0Rz4GxdUOn3snvG4mxnz
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ad54e385f13d99fe91efd355a8f361d597708094574152daaec737852989aef8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
49616
expires
Mon, 07 Oct 2024 08:40:30 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1630303325%2F21207501-KFhDXQdA.jpg&v=3&w=400&rid=4&s=iMQtr7dc5A6u2r1jNN9UzZd8&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
283b284e31974e34ae4ec9bccb973d942fd6dd1e50f4999f40d02a6e6ae14353
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
12236
expires
Fri, 17 Nov 2023 13:24:39 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1548068400%2F18376568-p933E2Jd.jpg&v=3&w=400&rid=4&s=nJrCxS4kuC6vyQL_uhshYl86&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bbddcbf460676fae0e87a694e6282f74b19bcecbbbf1a9b655d28ea249e32f07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
12144
expires
Sat, 11 Nov 2023 07:07:59 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1674569293%2F22273893-xFVeBECB.jpg&v=3&w=400&rid=4&s=qCAm6q7-zjm6zidPwbrMnhUg&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
73cf3800e65a9afd21982a424d76a307c5a0a397c863df438d3d6b6c827663ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:05 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
19586
expires
Fri, 17 Nov 2023 13:39:19 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1689059774%2F23081348-5eiTKsFx.jpg&v=3&w=400&rid=4&s=_QQkYlS7rW2MO9Sv5K-7Yfoq&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
59ff38445b0eadd329b3e7097f2bbf8f0b946312cc396ba22ac0e0cc00741140
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
24252
expires
Thu, 16 Nov 2023 18:37:00 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1663167980%2F22190574-waRrmZ0i.jpg&v=3&w=400&rid=4&s=PLB8KLTDkvNh8VdJ8LW8sf30&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bf1cab3f199709f97990ae519a2f52f44461139795d15ca36378ddae582b4589
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
10558
expires
Tue, 14 Nov 2023 06:54:15 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1663167346%2F22190927-LDWALrW1.jpg&v=3&w=400&rid=4&s=5R8Xsv0nS_gGs5XIoUqaWcZm&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
406cb9d8b78a968f2df0ee2709c42c3fe3baf4a0394e9f37c4ca0ad2ef5cb21c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
9782
expires
Thu, 16 Nov 2023 05:42:47 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1669449702%2F22254784-the1f7o0.jpg&v=3&w=400&rid=4&s=iBcW4351lYZiQksUPVK5eAPZ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
df63a1696cdcca3ea276a39192c3e03b5b5f6f021e943a0111488fd2750e2302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
10990
expires
Sat, 11 Nov 2023 11:22:08 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1663169782%2F22192571-OBGTillc.jpg&v=3&w=400&rid=4&s=SGKf50Hb_CkMj3-sDAKnpKw4&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8336063afa451bb87a1caa09f93c34755f7c9ece5c22513eb3cc40094461585b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
9596
expires
Tue, 14 Nov 2023 08:43:41 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1631261073%2F21131370-sy1cMEdN.jpg&v=3&w=400&rid=4&s=dWGofL69-kr6XWXmBzWpfqeS&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7be38ea67453b90444c7bf8ce2b7d3ebebb829fbfcb469ab6a59248ad3272f7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:05 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
8172
expires
Thu, 16 Nov 2023 18:23:45 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1527761914%2F18143552-Cfd0ZzRz.jpg&v=3&w=400&rid=4&s=ZaBVkMXNL5eo4f4J4tb-39na&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a9eb2486888ff6a00ba3d89f51de2f5b4f7d81d4c0f44efef65c9c612f8d6853
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
9006
expires
Fri, 17 Nov 2023 13:12:52 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5CBD 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1687521803%2F23112535-bhfLKKIL.jpg&v=3&w=400&rid=4&s=iFeZ0uDI0tiWnhdDap0VYcuh&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bc2e4399311edfde354d0e521aa53632a10745e1602c22197ba269fe7825de18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
17112
expires
Fri, 10 Nov 2023 19:17:43 GMT
usync.js
eus.rubiconproject.com/ Frame 9576 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9508013aa8cb5143b32e62558f116c06a909d285eace78f4fe2b0a1f3e84fb83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Fri, 10 Nov 2023 16:33:05 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Nov 2023 04:29:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42865
Connection
keep-alive
Content-Length
13280
Expires
Sat, 11 Nov 2023 04:27:30 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4F42 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1nWQRq010HE84zXOgttP7p9jYoFBRUyO0CUqHGmE_uBq3MgFlblg3x02UX48fDmPWqCt2FbYAkuHB7b8rPG-DCgQ7U6ve4zY4icHcXN4_RPTFLzZwCTG1wRlvBFGwbbP_WXjc60g-9A&sig=Cg0ArKJSzD3bJz8JSW81EAE&id=lidar2&mcvt=2621&p=154,436,244,1164&mtos=2621,2621,2621,2621,2621&tos=2621,0,0,0,0&v=20231106&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3272850789&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699633974897&rpt=7676&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=14
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0429 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHZKK3pDdKOMLPOwXyzSUxQXNf6IbytCuDRFmBzCjtQVD6zJRr4hJeE6mvEVZ9IAehAmjNx5LXHDrgXjUtiMPhLufC-wY04jUvqv_we3c_cRDxniNMZkXVOnxeV68CPK2pqBWOwWhVug&sig=Cg0ArKJSzFVVeSS-kga1EAE&id=lidar2&mcvt=2004&p=154,436,244,1164&mtos=2004,2004,2004,2004,2004&tos=2004,0,0,0,0&v=20231106&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3516126248&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699633975104&rpt=8126&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=14
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6281 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRTV5m4awWaq-eAYK53l-TdMuM_gvOtoo8z4pVy25QzkMBhg0bKs90mCA0VswkyKdleDI858jZLHpsbWlgzo6v1eluEZbez_PqXNuvQoFzE_9lufL2fIe6evkmatcpXp-8tTO7N9mC3Jq7d19CVPcWzD3AZyclgbR93xnKNRf-ofeMQc-57l3kOlt16Iz5ytGhDngjMrMhmyO7B1mbc4QQ_69jXy2j9fRlpzdUhwVpbJmBTJCcCJqUAxrOTBtX3O_f5aUp-4UmeNBXfwL-FbUs7u_FiEqmjV8ld24bphOwzni6yBsNIdB06w37s5fcUKFba5MKATc5lXZ0BW4&sai=AMfl-YQnCUlXUNds3XAsAqLYNFepm_RBti1jlYJhptKslziGYcbPyEAEQrNhFbw4osI3gV8_MgvaAKIUQRu_S_P1BCzUvbEbUpxZjBGd2gwqzGR2SxsyNpj2ma5NuetJDMU&sig=Cg0ArKJSzESCetJa0LRLEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 10 Nov 2023 16:33:05 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6281 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231108&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.ksl.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee22247eda3ff046c758f64a934a338d779fb732380a04f747ea6815c61f9d7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12195
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 3286 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZjPXL4Vv_CXshYBpg7nByluLGqq8FtvMhBFvTO32Sv2Qmba6Pq7SxUr41Z_OI3CXQthekp-KrlxO2ye8f91X3ChF2gUnrFf_vxOIRengCgMJQkJi8RimR_g3C1vUcGCwTG-kqNjcRX5QSneEDdsk2wv01xIiYEb4KNQ8lK0u5oJ8fHG24RlOvDpzA1LuqkTr7DNe7TQXJcEh03NpFbPgmjInAfxF3WOt3k9jz5V0-waTtdtcO_9lpJ5uXomRbmFTqwcc3E641otVsRtwCNuRqbKlJxGyzSRl5bH-0oU4w8-G2GK0GfRqlRe0QTkp2Pg_XOC1QobTTRzDPSp0kJaWMnmXThJWtLm0M6079r2p_uXs&sai=AMfl-YTO_dmFcYp6mvVg1hu8x8lIH752ZZzk48JpEAfib5RXnpVi7zu_jGwsbFKIfMbvy7puPsvSdivWN1iTy2kDbK8F12_tBoUgtiI5GFdTmGqQbbVMv-1ppOEffsaTH8k&sig=Cg0ArKJSzNCZ6mVtz4ZxEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 10 Nov 2023 16:33:05 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3286 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231108&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.ksl.com&bust=31079474
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f8b446aecdfa4ae0d4dd35da0fa5808c539cc1fad1545368150f75a3b70a02c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12321
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame FBEB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvP_J71xsfJ5WpmgxCNuzVucOhHIyHkcyJDdK4j7xK9vhFYyx09-iLqs1ccithDqZ0ihAdg-C0Vn2XIfIdPykevf9jSiytsd_kP676ZS7wGjXhK9MmghyWgjLcXffA54eEDk2geXl-cYK_OYmYArFclCVdPhUP91pYCAYGu5SNt3KYBD8BK97Jb7sddVy6JH00RG8rY1-uNPED59UbMarcGmI5k-RaQ3UlLa2TWB15GLzA7R1UINZFmj1ljsi0fvsLpZHXBXvY9U9-wzesQhfKYyZoABBl0nxtoqIyis-ulcuHhpnBqm5rHOpk172F439mz6IazJPmFpPcEDLrSmvfAtqjyJJKOTOE-x-G0ujstU-8h&sai=AMfl-YQGeClUL3kzWx-lnMDMk5-cMhXga_zb4b8DGbZvLor6CK-hyQigP6eQWUaKA4-CVPU6_fTiwqYmqsoVG7HSWxjmhnombDXCMM9uF31x6LJgT-yJKvCyYZ72D6HyEmU&sig=Cg0ArKJSzDajFpsCE7OjEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 10 Nov 2023 16:33:05 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame FBEB 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231108&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.ksl.com&bust=31079474
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c698b08b0050a8de67a2a2b5e6d9f344a8424dc5c19972a84e99e3bee959e394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12307
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 45E8 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9508013aa8cb5143b32e62558f116c06a909d285eace78f4fe2b0a1f3e84fb83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Fri, 10 Nov 2023 16:33:05 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Nov 2023 04:29:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42865
Connection
keep-alive
Content-Length
13280
Expires
Sat, 11 Nov 2023 04:27:30 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 952C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssior6WV7KUltL0pz51fBKGVlWMeuATy-GkfRQh0rso9BNFfxEIBQN-pod9ZwS1S9r3Bq2gTnjfn1PsGnUhIhVoRZGlJtauUAvU6T-L3FgOywXW5oyJxZ7efCL1G7ANW3Tuiv51AS-nfg&sig=Cg0ArKJSzBYJdJfDaF2_EAE&id=lidar2&mcvt=1302&p=154,436,244,1164&mtos=1302,1302,1302,1302,1302&tos=1302,0,0,0,0&v=20231106&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2445953488&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699633975578&rpt=8475&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=14
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B3AD 		198 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63768
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:33:05 GMT
index.html
s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/ Frame 2F5E 		81 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d44c05fa125534732583be51fd282ba81f36415446b59a1c797964dcd7e68bfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
47465
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20447
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 03:22:00 GMT
expires
Sat, 09 Nov 2024 03:22:00 GMT
last-modified
Fri, 11 Aug 2023 13:27:55 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B3AD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssGaGGLqBo_-GRkxz9zkZuLpHL0drGyInWDtGYknu8nRJXarqqppZXNbeH6ya3lVklDr6P97ubB8-ef1UIaHLd2rmX2UJYv-xnU1ehJtjZnuHF9WMyHyBpwX0FDAnnJnl46YzVh-FGvZFrHlsd7cVPgIMTANTPSjKIjrwwdrOpCzWHhHcF3cOmmWRfXHA8W_7K9SG-qjTaktxGVGaL0bDfDGJZPIwXJT5IhJzCJDPh1h93FCAS5hvmlD9YWjpXki0NyN_snbiNBfJZAHF2u6LTeETxwx0CfmBr2lqw2VIw8twABIYGBT9i0QOCIQz1JtREuIimfohSrXjU2mkQx0QD_sdmVypXNIOboimtHqyHy3X35IGaIS-vpC4TN_l5UFwRG8e4MWtKiVuM9pyhEFk5vbxpWTx3qxYP0dLxkAec0H9okAMavffMHcfHbVIuXQYyrtopBWQ3ISrzhUHyd3P1pMHw06VrPoBawiY_bdJMHmmz3AzsFx94zWNhsrP8CnI1bnlE0tO5IeC5EP2Uf7z_Kv6Jyhe-peZu-_p6U7nB7Dgba_Ygd1tSFiynOxq5oEwMBvXXGzOnnDiXz_5zVKS0P3QjQbqDaxUgZFUQzI27bZr9ykLLaDKdlTRdtfiTIzHGvet3b46zCnDTLygmKR4cKh9ZN66UpbknN8jH9Fv51YkXEdEuDXXpWRo5CqWdNFXasdjjummV5VjXDqFRsUgOWsnzh8oMwgO355ehIIVl-g6Xs6N4vOzbMJex89rCKKQnFOy7ueyO2Uto9VGMs_mQmPNWwAJx9SkD2ABGiJGb5kimqnZC9gc-mpqc1EAvJrN3EpNM2ewRuyeZVJFS5uXGFRwl4YzMqdEI97XOKUd0SsVOJ9hZ4IAU8J2at5HaO2b83gk6VD3qPGhkMLb58lNGlrM6cwh2yXr0AoWPQ8OUzbpZnMjvNSXaUT8DBdbA7wEeF2Qb9b4uS6_vr2_Hq4kgbTAo_icF37EGia_QxMPxvkTRqkO5qXvI8Rm2pzZdMmz6l9Im1n0DoANyeXKHXoOLY62epaKoTq9maxXc2lqkiuAjarJ6UD1RKjeC2KvfmX3t5O9u7gSG9rXZP6w1giPQLb4PLg6sCSQlmkZ1jf5eU0ImnsfeoU4A5DBHxltYm6e9bpgEllm4OIEAbRm_eEaolBTQPoZyXjIxw-QlPj2mmqAvtVVzK52vx7QuZDxDwqjLJiZleEGpZHImdylBlRG4AJqi_qi6IEsZPs6mEHTPN1o-ZCnv8mQj-rDsXH6lpT4WtQW0XwZlO7hVdN1zvf3zj0AEX4ha1G4utnl9mFKyUyRPA4a567mfRACzvTFC9g_k681caDCvuOhejK_RXz2Q&sai=AMfl-YQ418_L0u94XH57gedFi_i9mLbGLu6PytNWzNDGyEfecpgXXiL4IXIlU1SHchEdwYhICyX5hHsKvjZLpoo6Y09AUwGbPjXqFSdp5cYB_1eaBoMtA07usajzOnt4Uus0FvQMP9V3VO_xQv3DpBymbXO1dH-eaIR1ZHxdHCixUgddSatYynHQh6gM6iSnBYy69EPXRZFR9amRMpcN_VY0XrVt8JXQWy6n4GTJv_wuT1QviYzYq9oJ96mBP88&sig=Cg0ArKJSzKNdC-2ULFBVEAE&uach_m=[UACH]&pr=8:2258C73E8AAAA152&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3835&cbvp=1&cstd=3781&cisv=r20231108.25866&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 10 Nov 2023 16:33:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4F42 		198 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63768
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:33:05 GMT
index.html
s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/ Frame 3913 		81 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d44c05fa125534732583be51fd282ba81f36415446b59a1c797964dcd7e68bfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
47465
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20447
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 03:22:00 GMT
expires
Sat, 09 Nov 2024 03:22:00 GMT
last-modified
Fri, 11 Aug 2023 13:27:55 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4F42 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstupoAtBTzF3qAwABZg9x5kArX6GWtpIB4OSBQPd2p10k7zzyDfQWtLpDgarRuo7xxrcNAA55vh0pYCyG_8NlWVyYXLJ8wihtBgLavnfpuzt1W-7Gj87PabbG1vYOzKi6jkh6ei3Fg4ICtJITEzzuI1uYSpdNOjRPadxljDb_JjH1ZMeOLm1pT_1MBqFVTVzShnmJBER9ehmWE99lIdSaHN0HtZfOSFamq_sjfDG_BXh3EHwXwHSJrMzpgXZ90ZCwNYFZqf5_Op0PcRNVlM2vE9E-fLXkLqg5nF2Z4g_NaR8tgw6WJeDlNEPHTfR9YDpIcYIhho2xtgFqqJp_is1Kjq0I7Y9RzL9jRxuEGiiGMd9TsPJGUsvSs1i89Yoj-QVKPjoLO8bHZVlRSBb449eKg0C-xhJaEl0u1yeRN5R3baKsz2SFdJPPfmJk1kEo1LUsa2JI2oyiGsupoq7R0uAYrRi-ag6dRLqQ4Xpf4T06Ly5N59ld4T-m-Pci5OpIf5EJvc2xqRrNqLBYkb-Yy8RpLAZjvFvaxXWVz5k0CLJvSFXyTHNYQpJ7P1fY4EVpb8jyCyBEYN2rJZY4TIEPcv--27Knf42ABgbzTIOiWEPCPtiwgFQ2tNdTozSA2vnt0QQV11L1Ab8feb9fOfqPkox92RQHiY9ApBbnti8c26CkmBpf0KzejiHBkQTGwnzYd_2l9qsLfFnUfwV6pz9aq9In7zdvpsYVlf_Rve-9ojp6A-JkpuFjQAgYB2-KrWDwneFjTh2JhtAje2A-f4jzLumfFhcgKzkygyqTrr77Uyk3dOKU2LlNQltuRlNLSdQrTNeYKfltq-lbv0seq_DzaVYw3K7DHQ3X05CoDzg3EovrPFYyzzCOrLwS-M0Cu7yzPsAZN2E8SWENTsOEVEZ8TI-_cPpLslFM3EUZn674fJ4HSmcvwDJAHn6cfZ9tp7zaKnXm5DeW7A_GoG61cKa642l5PaRpaYPoLKI8lAK3nRK8GSgbKk3GJGiHz4ToQmWuJAEOkYVqoT4C16mIvcZIHV0xLkMK5g3cuYTwl8XDla10FfcUPiljFP-c6w3IjPyJj1XlgPSJw7-izjvf3uzz9R5BtJhF0QITq0iIMOUdB8gor6O9aBNEbVUcdo1bIH1WAgnexMdiR1fNdeAUFMfxEcEOOmcsgvKma3dJ8165pz2fwg2S631rtZH5Jqu5CRvLPrvc0L1tRuYxC-uDbFBBRr9O9cXtwbGzNVggZsP5DjhhwW61BeiRpiQaczlTA98JD7VjBH_WZYMxg10JjX1lR4iICUxS0qTzGKz6_qlDGHxSVD_JOhitAFfsJq_M4vd12PBw&sai=AMfl-YTjMeR4D7O6x54oFWRVl5829jXkbzvriHaJ7iAn8joG5lqBog_zK65ojKgASTzGNuqc0_maRE1J4VHlG0LvLtxd69iY51GD_PzTEMa1aCBkDy_8ka75VHVTX4rfGUpiN1lRhDcEwDZKz1twzULrhU_po1cOjj3B1ByALtVVL9H3GVDCyktzbpHGXGHMDGEwf_T_PR4rnerlcDR8C6AuEERsHZx9_hBLbGPL1OXfGVfvNMmGcdaRlkkLSbY&sig=Cg0ArKJSzBfWDeJML32vEAE&uach_m=%5BUACH%5D&pr=8:2258C73E8AAAA152&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=3012&cbvp=1&cstd=2977&cisv=r20231108.02496&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 10 Nov 2023 16:33:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
khaos.json
token.rubiconproject.com/ Frame CC8C 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame E704 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Origin
https://www.ksl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 05:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38936
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 11 Nov 2023 05:44:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/elements/html/ Frame E704 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 18:22:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
79861
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 18:22:05 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/ Frame E704 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 18:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
79846
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11881
x-xss-protection
0
server
cafe
etag
5723174479369309319
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 18:22:20 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame E704 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 05:44:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
38935
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 05:44:11 GMT
usync.html
eus.rubiconproject.com/ Frame 04D7 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.ksl.com
URL: https://www.ksl.com/article/50775684/11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 10 Nov 2023 16:33:06 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame E704 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDYvkLbvHX6zNE2qo30rBksGFlDLiAh11Jk9fm2vjq-ZZTAiMwOaR4Smn7xHlvIDj1Y8kccCdj0qu4OUQGy0z1pOcVo6y_IJwdatNugHk5cJ9g2mD1YRwl3I3AYLYNzBz8VbnaoQszpc5HsH2EkZMR0DlVur70Avq3Y5lzJ-kozShvJxWaRaW4ZY6hwLMYZ8jqzwqDVKqohVqMHVFqBKVvEoY9bMMtMYf8aStk6Yn612oOJ9mX0_6ans820_xn7orWcCZvz3Tsc47suqTshcF0Ue0qMvFKCEXQLamiLfT3OCEIP-VgDm6iFbZ_k7FAnaKv3fTZZIZe9SNmd-NhDA&sai=AMfl-YSzPqbxPStm_dJHtVVwmJ6SdCbcRkcDv9uAPK7tqd7PhRWTYlFVCYvzZX4v7Em_KN8Je0LVUU0IPTIA0vmBekSSzER2X1K_uo-NCQOTtKVca9GH9H9v69Dvq-8yKzE&sig=Cg0ArKJSzAWKYKO_1zBdEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 10 Nov 2023 16:33:06 GMT
truncated
/ Frame E704 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1207f68398ab257ac681f64168d2b260e2dc06edd29add10159ca861151fcafc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
khaos.json
token.rubiconproject.com/ Frame 5FDD 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
khaos.json
token.rubiconproject.com/ Frame ABFD 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 952C 		198 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63768
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:33:06 GMT
index.html
s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/ Frame F166 		81 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d44c05fa125534732583be51fd282ba81f36415446b59a1c797964dcd7e68bfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
47466
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20447
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 03:22:00 GMT
expires
Sat, 09 Nov 2024 03:22:00 GMT
last-modified
Fri, 11 Aug 2023 13:27:55 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 952C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQmQHt-NnuNQKh6m5NDrPdOsQulXMLLn4JsORjkk2yXVGXEoHYZ2nyYPjqP2s0MyTkCVTNvr2RijTrvrnQsvhhv5Yz_PAR9D8Ho5XuvVLLk-FclCYligrFcb4CJwv5XiS5h1MRlbhFQGFbDyYcu1fGgz2qG0AF5wVyUdZEqPzNoT8PUO8-49O9tW-aDE0XBo2bwi5x8MHqi1vjB07xPqqRYroiK7q1UpNcVpNCBp6L1LNUIPWoPgvKGudgcuDZu-vJU8lsCZ9yYTyb70EF5X2rJhHvpkVZ2Q7EJGUeF5BrEihCvJmQYnbWsFV0ryvRq7cH2LMkJC1Aqmhef0DmjhM0Vaq4EkFsDodCfemS0iCW0XhwkfoDfhViGR0sgzV6aSS_QXIvauMc7ZT50-_17VL6b0h27vfn5bFxjQD8n4AUtF0cXQx6odI6p6JiovwE2Gfd0HGwxJyXvl2QkkIe08UqyQfdJE_iIr4nzze7HLKwQ7BAgkE6wpN6VZIB8qKsORWqXzVh4l8NRUdIjWdwte6XjXfeVLFuCyKHdgdL5HAPp0oMb-sp2MIRpeKCjpW3AsELG099JTHrU-ErwqimLC10r4gA0zO_ehVpeW5hCAC150lmPoMVCZkVeZzR2YOhGR2PcoAgCLYaB2ABWDQHkdjKfqzLVtb39rcgFZa4Hm0xLMaXrmufrFYd-HpJ10wootL_2pcdT32pfpoU7wmf7y4-qUktuwnph6Qz5rGnCtWqvGqFA8LE58HfKiYAJ2kSfNCTQvJCo3-8Kea1j3P5XiCjKH7E_6lb3qWGMkcJT1rZqjQ8O16Fhjsw3bbC9O9fuFAHeOuGQotQspDS6PXVOdIP3owdRVCFEEVS2lIAtGtvzM0A7lWZoDz9KpGc4cdSgbtP6poaBY0B7eixvYkCwwkco6SsbO7ZmDpEuDAxnS1m_Dg0aAHhxI0hgwMlhFPYhO2UlqLfa761J2gu8nRsBCgebJpMjc4yRI9CD2_zMkYir8MOSv9cU7UzYN8BMqaGD21741ON_4krct655Knh__Fxm2eWVeyBBME4rL8oT3WOZ5CoDHx1ukEmAS5LV-W4QBZh709Y9UDfZ2ATuLXhRZy8c_FP9T-KVY_u46Cii0ozSJDb3t4sorC4BVnFydxcoB0vLXREZuSycb944u7uZYoVNusOdv96VpMNPFhUhKbqsQIg6ivlVcXsewllVS1iPIAij7KgWmi2b9CIS0s1flj1d2dxUx-yoMHjZWZIdMe2xBHj9sNnGpgusehKH92aX_tv4Xn6orf7cuHsLzkD7Wss225P00qNYKX_h15LlmchQ2KH5YX0KGV2o5UGdHiO9dAE4fArUx8KRTg9SQ&sai=AMfl-YTl528dKpvcJXjgUJatmlI-s_ewPaMfa32Fw16UF4b0O0nnhLgGfiXmaUppQ0QWx2lGs1rnxB9Jt0ySR1cLPqKAPVYsvwQFgNk4Ha8bgEO-pWyRpRl8RnBqCCDXpZkSgfmUsYL9S7NT_bIYe08NJL14vyK0D1tArRx1PH_YokJvS6Fk60brn-yih0e8XPahcAS-Jkg4VWoBWOoJxa6b-WHSzoP5ZSGGXIt1MpzmcokUO40firlnPd5IEYU&sig=Cg0ArKJSzKYsTxkdu4ZQEAE&uach_m=[UACH]&pr=8:2258C73E8AAAA152&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2671&cbvp=1&cstd=2616&cisv=r20231108.05459&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 10 Nov 2023 16:33:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame 2F5E 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 17:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 10 Nov 2023 17:05:58 GMT
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame 3913 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 17:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 10 Nov 2023 17:05:58 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9D4B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv7DGGwud7_8WIk-Hub6ziYumeKCy7YogNlPvSIIG3ijXLfzCVhJqlOHZzH90c2oLC_vycUglZI1ABbQOFuEnQN7R3AEkyTbwTifWCDkDN3pvdKpHKYTAltm0btQsXGCeIULQLrXq1GuA&sig=Cg0ArKJSzCZLkB6GNGbZEAE&id=lidar2&mcvt=1733&p=154,436,244,1164&mtos=1733,1733,1733,1733,1733&tos=1733,0,0,0,0&v=20231106&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2059224439&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699633975707&rpt=9324&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=14
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 5CBD 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=b5Q5J_0noQbn4PSlTIkybjjmezmOfqP_WrqVowuSIIylfLHd99w9dCkvW-93yDsqpt6C22nNMAcFivyxWw90St7ZimIltxa627ZnDKZhtf4qHmuytKSgd6Uy7FGXj8TG2G5p9imL6_fUI6JxUxy-3Q8N8xwqk6tkV1nlXJC4XVIU6A_R8XOq3uvcrhw71dR4bXoe8C_atVjN_C0MiI6o82Nd3DABDFLZKL8zddST1Nsl_rQCfKjvp88tQkp3VD0HD9Qjxg&sds=2&rev=89278&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&u=%7CiCIoExY5DLJnj3cUWrPmg%2FW1wCWa8MsklhRSSyXefBE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpNfsuV4bKOZdKqTMcDQM9QOi9b6OeQbpah9Aa3YjGsMVfFO9qfmzMDw_7i5havYAmMLdT2n5hT2PeCc09pPai682rBhPdfDyDON9CPKBYCXL5MIlqRUnymcp5zMdV6EpXY63z1IDtsUiOskSw1yJx3NdcBjJiIEyG0-Ea7dzXUnn4-CLy_FPAB5ale5p7oDmqC2Ibf01MRw5AlNca0YMY72_2fVVNOy6BNYa-fcfDSZokA-OEJ5UzUboVPTM0OLL-xX4UhuljZen1m56hzh24rdO6TohDf_gOfQFee26xoqADVFDDt474oPM4GSgVROVz6oJJ-rmgU60eMGLjh6upbUva877pL9CUZQXxyrJINQWsl44z2y_0sRTjZ3c-UoDfTZbdo4hrjM8s92e4m53arONhpiUkShYcBvOqeWNclciUeDB45HkLILJq0jy9ctttzax84VRYzcc8H4-Ezi8AGkDdLuuxLFLhZNQ31GFNUrHKAsQ3VHxYIGwUAAfncaxPSu6QlSaGPjcDuloO42XkpR_D6ssL4r5denpSDI1QHCby_79Yacbfdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRy2uNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSoAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1D_IB3b5us9bUWtVwX9MoOSidQCHYp4zbZJ7uzinH16r07Rv_BL092-L4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1L9OdLWQRuChaSOxHnjb9YZwuJAw%26client%3Dca-pub-6200089548495652%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 10 Nov 2023 16:33:06 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
usync.js
eus.rubiconproject.com/ Frame 04D7 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9508013aa8cb5143b32e62558f116c06a909d285eace78f4fe2b0a1f3e84fb83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Fri, 10 Nov 2023 16:33:06 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Nov 2023 04:29:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42864
Connection
keep-alive
Content-Length
13280
Expires
Sat, 11 Nov 2023 04:27:30 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9D4B 		198 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63768
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:33:06 GMT
index.html
s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/ Frame 02F7 		81 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d44c05fa125534732583be51fd282ba81f36415446b59a1c797964dcd7e68bfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
47466
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20447
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 03:22:00 GMT
expires
Sat, 09 Nov 2024 03:22:00 GMT
last-modified
Fri, 11 Aug 2023 13:27:55 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9D4B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsubfityv1uD5R-8V8iI8TPPCeu0U1lCyzlkTMn-nNs1eAfGLvbRJjeIEP18I6TxX6f4maJSOHZqJ3UCGNOvOlOmt_GE9-eHIs4ajfUAlmuVwIO3LW9rOejXWWkoH084ExHBJBllxTiwiM3QI0I1K8HXcv-92JNqYGAs_sSzLfVoArLoyDj7jgE9jm-UYMA6WS-yAgD6qEIlzvc0MrzKrXvAomBqASFM-7ijMrfskEeTTarDGVoWGNxXgjARpmCzDV7Yjh1ni4YnqKllmGOCoAjvLXGCEjMN6j-VEVpAfQXaHoLe9BAfmo7G91GN5WUpA6qNJzofspjd2YafZknaHgJyQt_UhGAgMNUEpxCGzwBDq93rHnN3gPV_nndmcXpf0unc40fP9ZqUL5dUlmdAumL8IJhkzy7pzfc5riOOfyvP-eJ_rKnggr_8L2vpUhtpkf91QKFV1f4UIJqfGrIe6K4BPPYtndKO4r11Ecwmudyi6szH7AAP4tQsUusRMb_2oZekXTHnB7t7-3A2jXV7AimegpwDgq9XPnpD_6oP7wdfVM7sCvxIDRp_4tFxX_Rr76vsW1hh93WmJNEUmZNW7s9jl7AXTbgqR4PPGNOqcT5vl3WdKrUdcYeQodGdnPQtuAYrUnmVR2zr6h1BT_C2Wa5C-dt_rhJYeW2isbDkvR3-49ADN6EwQ5DkH6mJV-iUYx6ARmxOANpDiT3zirI-11X7u584uzvcgFOK6s7V9ZvJ7DfT0RceAjT7MuzPUWY_fOKDDvkZQvgBPZphYoBN0nn5_BPFlfrlE0AiklLyHD5B7wlU2JL6v7hqQIjXHqU1jM8fIlArvf7D_Wm3h4o9y-uZ56PbHSTvPov88P2N33Z4-ih0UueCArwaloWL44MlatvjCGa9erz4TJ_IonGtFwk7vDW6Di2nukhyF9AN1zkkJ37tnX8gfdV4JlaLYmV3ewMwkaRU82mHdzUG-7yzRK3elcUPtR_4-o2sebEJlbKHzmwK4B_RHCTfW0X343dVU2zX2bhtT2fJo0BWC8OzmKDxSBRS5zW2wTryhRjdfrUdY8FQ1bU2h0GhMH8G9lHRI-2LGN99pON2eJDOGUaJT0vMMdFgYjXINPyboIs9JB4ANVwqXH7UXMD6G1AeNx5HhIpX6QMewhWrQudl3RsfNYYBjjdRLdUscgAFmV1ueIMq2u4xzU5jeXxP6H1b4-9hwAh_VxD4lF_djDGWsGVGFPUmE4uNoxWofsMCzCZVDOpQd4pPm5vHuX_fGsFi05Ypx0IHxW3M-wNwssOTIi_Q7bEvhnNeat55R87pi__HT2bt386vF_j8KB_rpUzXnksLeGN9&sai=AMfl-YRxS-PXNJGMUetfTQqA-UuuOI04ar0SzbWxg9RiFG22y1FKw4cKBAS_C1aGYPHnTFQjwG_v8jq0mhWyeaewbFaiALvN9YHdks6xoEBP7-vbQygRGd4azvFUwjYsaeUpUj7dUQjeSgOsaNooLkBgcmBp-2tBSvbtF9k0KzRUE6HBAtLmdJZGGuIFvjkSPJJtAi0nO_BJjb1LQwxGL7BKMRoSTgpppxu90pOuuerjmiPBLh5HNAgfAf3o5WM&sig=Cg0ArKJSzHOnqy6VHl1CEAE&uach_m=[UACH]&pr=8:2258C73E8AAAA152&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1910&cbvp=1&cstd=1867&cisv=r20231108.42993&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 10 Nov 2023 16:33:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 807C 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
144664
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 00:22:02 GMT
expires
Fri, 08 Nov 2024 00:22:02 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0429 		198 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63768
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:33:07 GMT
index.html
s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/ Frame 09CA 		81 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d44c05fa125534732583be51fd282ba81f36415446b59a1c797964dcd7e68bfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
47467
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20447
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 03:22:00 GMT
expires
Sat, 09 Nov 2024 03:22:00 GMT
last-modified
Fri, 11 Aug 2023 13:27:55 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 0429 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvGmRXXmA5eqrQBiQCqnYlKKYVRy8rpa_F0ZDfB7UInwb2aKyDC7Ie5lY-fuLNRMolbG12tcDgfvBL3tRvhJPF2VBdaasjrPs1eF3PzXM6_bCsOBmNjwNidedT61hZALnsy_ClCFFsY74nogBjiNkGPc7W-hu55YmRWYo3c91B8_sDmUcfJoQdU3vWrZiEIdoG4P6JJm3i_5Rkit017TFDhej393fHjTH4apwv48G5ysVm_Jk_NRU6-7kXN5hiRHk3aUYbtlOpjNR3jfllJCMgkI1itki3EDfjE0wJEI1PD-_tzr7PvhLFSPRvSNxh_0ko247Q4N_ob1-7rfnwdd84CnBqqyJRe9YuaMeTRyqAbHf8skLzRXfXdSiguqZb3dIAQFIXojlYNDWNoc3Hp03I3Eab62se8rcDNi3IpGj6Is9FJEhqW8dMPGz-zfYsR5O4r-G574PjKFTYA7SeFNDvxg4Q2sgOcsace6e1wehFkhR2cvnZ8itNhxLcX1VFhPpXM3XGEvn5xR7BbNKpuJQJFnHIpufnf89Xv1H0UcNbAR9x-xIUfAYcJHaMvJU7J0lkkLyKn6thi1W3OGqd1ZVs_9C4j-sago-paKcdh8djhhSC_sW1lcX9qbzdJBUVKJaaZIERxgSa3ij-hayK_JBnORzkoZRh3FF6VIrnDgbBaEFvMiW8KFgO2Kj4YOYcWgOzMrt2zpmw0oAGa-YVhszgsECaZNg-Ods143G9yb4ub6B0zZdfEZfRAg1NMVL_pL18av6vKiQwOGo_jPk15kNTbAeJijWkDuTSsH8bGJ8MbEYQ787HkKmAA4XQMq1qgIqYf6KP_vGJ98gTh5mvvseINGImVrW6W77Lbdem9GCtg8wxlGVfHOCYc8J3w96_MpG2_JS06ZoC9VTlV7rQudN8OgBLlYxVUhIAP16UxxaDL35-I16MgJ1m5m2ckAR1X3R4MzcD8YlHw3Mrs7y4aTIkDFAOK2uu6r-0BFmW3BzPDL9OM82CrYJb7LKna32uSh0gzGv8D31JLXzyCx4xD6JqZh1-cUjShyCRZFL6uaJTEeJRzrB4ujZGbt42NgAWDlT9228vCklwqS7FjfsGmbOK1GMPu0x2ijVl4W6YgAlpNF3gcya7oanK8igRKATxAjp0Su7TV1d8xHeotzTMDEmvahBp_TP9oLNyWTP2l8epyjNU558ZbI2LpK6Rtj_BcT9nfLmMhZPMwzlC-czRyMi_rYpiWavR66WobMMIu9GZ6PeXwHpYWLi3kro_hH2BQ0TSwBE7RtTNHR7jCE_ND3M0anqjjViFnLbZ2ntd_WQMsLo-2kk-u3n6LSK0P2roIVqHl&sai=AMfl-YQQyF2TSIWv0O5QGlpHIHDxi6keGIGcHlEH7w4qln62BeTyHo7eEmxmdSVqUAgXOxKYSF8GsEbQTQ4KAAMs_fMEVD6FEqdZ67anxr4_r_6qJUAVb65T05bRcvMj7xKa8kUpvlRTKj8gfHufpCyeOJknJczR4V1tbonP8zz1o_KmBg7Kr1D6EVEsvBmJIOp0VDsTRs8DjNQgYOsaVK0XjJdqUUrTbZuECm15Oh-t0TXdiHOotqT3pheliBw&sig=Cg0ArKJSzO6hAqEApaYAEAE&uach_m=[UACH]&pr=8:2258C73E8AAAA152&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3842&cbvp=1&cstd=3783&cisv=r20231108.89637&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 10 Nov 2023 16:33:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 6281 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvAMgATdOhx94X9TirVo1BAvI1Kbkggum0fONjxHEQOB6xsO3ckaOuE3EWadrtBZlAEmYXDm0-vWTHNsD4UidwALTQirXa0R-dyvY4GCmBUAqauP9NfF3XkSCQUH8PYL4SHy1rqqUKQxw&sig=Cg0ArKJSzMfVUs0Pb4_GEAE&id=lidar2&mcvt=1669&p=154,436,244,1164&mtos=1669,1669,1669,1669,1669&tos=1669,0,0,0,0&v=20231106&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2587397766&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699633973738&rpt=11586&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=14
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3286 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfAriar4W_Ahd2m5TYPKCjGKCzgtn94yw6Fm2FTY83NaGgv94F10mKaFffopo_vwUz88_iEtCEhhpEXhtgGLB5sqH_lBSN9T5PTG7aiXlTvqCi6phC6Nyz2TQkL1z2A8RUTEhU9LkaAQ&sig=Cg0ArKJSzIXef-9Z3ht_EAE&id=lidar2&mcvt=1675&p=154,436,244,1164&mtos=1675,1675,1675,1675,1675&tos=1675,0,0,0,0&v=20231106&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1332890142&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699633974137&rpt=11205&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=14
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FBEB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscSvDw-OZmNY6_WjHVK2pB6TQoy9uecWP24PHewEaeM-_oCtgFZ_TYrXPVhiq7H76HIMLM8Z3X0WeI23-HcapEOLnpFIWHDveiun27wq77zhD9eKbA5v-Mvy5c8Vlta6ShEVkL_SIFEA&sig=Cg0ArKJSzGk6_9pdNZnIEAE&id=lidar2&mcvt=1682&p=154,436,244,1164&mtos=1682,1682,1682,1682,1682&tos=1682,0,0,0,0&v=20231106&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=658150668&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699633974260&rpt=11099&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=14
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame F166 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 17:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84429
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 10 Nov 2023 17:05:58 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6281 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 10 Nov 2023 16:33:07 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3286 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 10 Nov 2023 16:33:07 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FBEB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 10 Nov 2023 16:33:07 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 703C 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
144665
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 00:22:02 GMT
expires
Fri, 08 Nov 2024 00:22:02 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
khaos.json
token.rubiconproject.com/ Frame 9576 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 2FD2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Caw8tNVtOZaPRKZaT1PIPsM-32AjJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYyMDAwODk1NDg0OTU2NTLIAQmpAtPQPL_d7bE-4AIAqAMByAMCqgSlAk_QnPgU6plDFMz7H_-6DORu2GLg7fnUqY24KDPV1WSUgAW9C32oBNMEi--8nzKcOlATRPpk7kR8RpmbkcD6HdM5jE1i1e3ah3_ZxOG3iAJduqircoUrrLd6u9qa-GJ_sBZaYlrotn-QahJQDEUlIIUBxFZ7mPuL41jh6iW0eSrpxRb_LQTFLL3vd55DMEg5yCCfO6W2GsiVhPKvZidi8peS8Jcgye1NppNLfaU31VgC76929H-Ksd9uAH47lZJBEUeDHsYXptUZ2KFVssY8LhSEymBnUPEeWNSsfpPaUz_F0GaC9s83gVoxtHiCqACaM5HcR_I5RWWpgsiXgQXT1H3KJuR5KR9m97tyG_NsSUCsUgoxaLAr7yazhp5VoECHyyylaDId4AQBgAbqjumR8dyRhxqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNjIwMDA4OTU0ODQ5NTY1Mhi84RY&sigh=8PZzjq-RQ_A&uach_m=[UACH]&cid=CAQSPADICaaN9rrs3NidR38EHBIt0c-rWJCvUqu01A-3-3O2T2YNTmtD9Qk1XfA0zNeRkcVXFhBScUbpBXZGshgB&cbvp=2&vis=1
Requested by
Host: d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com
URL: https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 2FD2 		0
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k6W_EN6BMNgFWp2DYgICAAAAPxczHK-FxAEN2W9Zt3r0AxA1W05l60vxURHervYtywAAEgAACgpBUVVCRHdFQkR3&wp=ZU5bNQAKaKMIVQmWAA3nsAQCpBy2kKczPH_4_g&cbvp=2
Requested by
Host: d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com
URL: https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:06 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
5336959
server
Kestrel
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 595E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231108&jk=917218608026602&bg=!NDelN3jNAAZxrfrxUa07ADQBe5WfONyLYra5neft8PVqM6rO1jqp1D6m8eDOHBEddFkI95ksvSyMbmkjweS8vFnzeYGxAgAAHFNSAAAFLWgBBwoACXwecbnGgdABg5kC0TloTUJV6ckXZey2VSp7FQJA1WTk53_t-kX0N9IzLGBf_Bn6b70N-b0E3ZGoJmBwY8j_Oxh0r7hu3Q4I8D-ZxstbSyBhEJyKqmDp3FXEUBGeSfp0r3BD9vllb8Cgzj1CCnTPcLLZmE4poCxSpcQu9X4JddiLbt4bcCrTRrtVs-AIL2CXqdK2p0OQAvXKVWSp5iu_GTV170j8a0-i5OocgvZizdhy2_eUNoN9EVZMWMWzFjIThAEFK3GXF8v5m4EazfdHn-UQwAhFHGW7q8DWjfQMPs4IFAhUVEuHbZypwwsuTUePSAua-08TltrK1a3ETHzdIMV_MVfDwx5SlSXPfalpdrtYfxs42Pb0jYGulOTf5hJrU29rfGBU_F_QQalP9Qw4Rf77433dxFDAKbFz9v7gbYv0FZQpgeG3cItjqc9BFarKxM0uGkSrOGp9V2LeI_vEOq12_TaPnANjcvEMgGm7S_U6XX3SfVimDtBkilbnEAEM_xUKEoriHMsVs-G52DUyEN1y25-wZoGjkhS1VJT7raY8aGcjdWQkgG2qWQgrwoiMUI95x-P-VMuRNdvLt9mSmW26xmvnM9Z_h5Z3IMjS3m-124xbno8HDTFEcckj8hgkJjLN_a4RUeiyT7f7E1nE7Garlt6A9Q63LfSJXxn-LTpWHB2NopngXU_-L_u5RCfEiiKjUMNuBO1Sk8NxyoqqWtK7h_JBiByJQPOTPBeiB9vpZlzBJRS4EaJE9fpuKbWuNXgKVQSSJob1rsAlv_2poYn2Hie7iEbEOocZPBsMhhUBuWK6VBTanAXySIn_SCGTMVzE29bSpQlUvIrjxa1OQ_-C4dfJHqKigPox2mtGyxlN4OcrM9JenTHGXE9rUS3w2u9TIffwAvzHSYXqAbx3qnBN-Jg3mwRfHprAcGZPMsqxn9gjjExFTLYZpjPVK7qx4MPw6eacBOwW3hh1vnk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame 02F7 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 17:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84429
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 10 Nov 2023 17:05:58 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 4C84 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
144665
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 00:22:02 GMT
expires
Fri, 08 Nov 2024 00:22:02 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 877C 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
144665
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 00:22:02 GMT
expires
Fri, 08 Nov 2024 00:22:02 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame 09CA 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 17:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84429
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 10 Nov 2023 17:05:58 GMT
khaos.json
token.rubiconproject.com/ Frame 45E8 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E704 		198 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63768
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:33:07 GMT
index.html
s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/ Frame 76B3 		81 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d44c05fa125534732583be51fd282ba81f36415446b59a1c797964dcd7e68bfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
47467
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20447
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 03:22:00 GMT
expires
Sat, 09 Nov 2024 03:22:00 GMT
last-modified
Fri, 11 Aug 2023 13:27:55 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame E704 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstSmFHwdDcA5Sh1JzD1BIP1FO0mLUYDAEpVWRwQmicltS5HGcDAh9Ow7h5ZOpOvbi3iodeQBT-xMu1aJIC-bldawl8KG7WTVW7LRzSXsntHf9GDt3gJrO4vn-qwaVZXECBAzUAUKSMW4lIo_TSXGM-jBvaJWeLm-GsqwSS7Vxu5YpSK1iZGfrD7-9m-EGc1SESVumBwein8NnVSL50AyGidQkO-gkG79cAJeJPlaOoREPtP2E7JvCdhd9QYAaUAP0L4kdtLoMo2nEo0_cXN1vNO-tFCZNqCzlK1hp8TNust5mhMxtKKd-dNwPduHzYmbLCjhjdUrvVl6ZL_pgEj5C3iW760I8inFdRPKUKe1u7GLLgYiz9S0DCHn_TMsVc9Cd1AXSZSJxw9PKe1JcaYygBm4ON3iK_foAttDoFCx_dxsWr5cdj9k1CwT3GqN694yEN4Qews2IYBFEALG5C6fzIVvUIEq03-w6uDQF5No1ou6i1grs0sHHrzqjMD8X5Pi0fARbu9Y4pNUi5-PYt_N7nnkuwOxcbsHUd_WUeQSy6FoAJ_GLVL1443ewW2o9ed3VsfyuJ8FIsgz5-otMlpsEeWCP6cbyohPJh8yV4oiL1qvWPLbP0Jb_bE_EFfYlX7hyzXI3w7M-ssqeTvVGH-OaCl-g3o0eR8kkwe_hqmMCKhOt_XDkVn04dU24oYzC_bjVz_tMkOVJaocJEDCVW6tiDQOVVyvjA269VolO44FLTrDho4vZHLA4uSOcLT4N0K3aJSzp6ienJsYailnb_XoHzb-axGhljCSPLJENHI8_U8pUdjQ6v0EMWH5bgWBBdPIQNVgV-DE_7MDps1om6Zdcw9JfCVlneNoRinT14_jVuC85F2faOcpVgneZVhljtvF6J4VjnmnVW3s1VdcwdzaVmav7QPciRJk0XCkJeYZOMe_X6gmaUYumI0VWrV8xQN6BPhHqklC2GThyZFZN74dNezQWpCM51xDkxkqEeQ3eKHnBKPu6Xm_KXCjIgP9gJktrc72GHUjkrH48UQXzfetWcdjfqLUSx-rekN0lIrVgQ__e4ha4wgNMCDcT3GOOV-BrRc0yejesyZ007s_ut-iGqomiRswsY3dJUz0BIaQs-imcTbLnli6F83rB3U6ofb7sFu7f-IPSq-0_vUeKFeYOnpBqgPiLgjfJKpDrh7BCyG9mrx_LPvAaeQtHMeFaxFp8bTI8Yy5wlsQc4zMZbuQyfOfq2nDNSHEeypca4GpLB2k9-WKGAmJJZz8qzd1PP-KPkSxEsV14okFVzITN3EIEM6uCpUNqipOAQQ3Q2agTQzKvYOFsdFicyya4VnwBljPiQE&sai=AMfl-YTgx_0gM7rwYFiJKRrkygokIihEWw60fAJhSz2X4tDnqlvNbL6hnz-no9uOxPflVoDQDO-W2ERQu-Hk4A_Q4fjWdi65QvmCsRPgH7BgBBtfYG5XsFQXA0_chkqA6gR5QeDVEQaYIBq-KANx0MUtJ6AWMkTx0l8lBjCwmQ5t8jDw9LocB3CCiF90gPtvff_zb7hu1IsOxZUoqPL9VGrQyL6dk0naadJ244x8kYGZUvxJlojt8A6MeKN0WCs&sig=Cg0ArKJSzCO9wjSgHePFEAE&uach_m=[UACH]&pr=8:2258C73E8AAAA152&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=944&cbvp=1&cstd=913&cisv=r20231108.01255&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 10 Nov 2023 16:33:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 4327 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
144665
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 00:22:02 GMT
expires
Fri, 08 Nov 2024 00:22:02 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
khaos.json
token.rubiconproject.com/ Frame 04D7 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame 76B3 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 17:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84429
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 10 Nov 2023 17:05:58 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E704 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4BfmLVHEdvEGTyQbCQTHpKZaArY0afVNdrEDpzUeWSaU5Fc3MKU0MM4CGo6UzjRJTIe_7kfJhLK3NH0B5oMTTUdjUZSxTdrZVEuAd9f-lqncz5uRWyxSEgsxw_w9OvCQ8jvypMkOa9A&sig=Cg0ArKJSzLEtpzLEy3J4EAE&id=lidar2&mcvt=1208&p=154,436,244,1164&mtos=1208,1208,1208,1208,1208&tos=1208,0,0,0,0&v=20231106&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1601445237&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699633976628&rpt=9927&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=14
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 62D5 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
144666
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 00:22:02 GMT
expires
Fri, 08 Nov 2024 00:22:02 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B3AD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssGaGGLqBo_-GRkxz9zkZuLpHL0drGyInWDtGYknu8nRJXarqqppZXNbeH6ya3lVklDr6P97ubB8-ef1UIaHLd2rmX2UJYv-xnU1ehJtjZnuHF9WMyHyBpwX0FDAnnJnl46YzVh-FGvZFrHlsd7cVPgIMTANTPSjKIjrwwdrOpCzWHhHcF3cOmmWRfXHA8W_7K9SG-qjTaktxGVGaL0bDfDGJZPIwXJT5IhJzCJDPh1h93FCAS5hvmlD9YWjpXki0NyN_snbiNBfJZAHF2u6LTeETxwx0CfmBr2lqw2VIw8twABIYGBT9i0QOCIQz1JtREuIimfohSrXjU2mkQx0QD_sdmVypXNIOboimtHqyHy3X35IGaIS-vpC4TN_l5UFwRG8e4MWtKiVuM9pyhEFk5vbxpWTx3qxYP0dLxkAec0H9okAMavffMHcfHbVIuXQYyrtopBWQ3ISrzhUHyd3P1pMHw06VrPoBawiY_bdJMHmmz3AzsFx94zWNhsrP8CnI1bnlE0tO5IeC5EP2Uf7z_Kv6Jyhe-peZu-_p6U7nB7Dgba_Ygd1tSFiynOxq5oEwMBvXXGzOnnDiXz_5zVKS0P3QjQbqDaxUgZFUQzI27bZr9ykLLaDKdlTRdtfiTIzHGvet3b46zCnDTLygmKR4cKh9ZN66UpbknN8jH9Fv51YkXEdEuDXXpWRo5CqWdNFXasdjjummV5VjXDqFRsUgOWsnzh8oMwgO355ehIIVl-g6Xs6N4vOzbMJex89rCKKQnFOy7ueyO2Uto9VGMs_mQmPNWwAJx9SkD2ABGiJGb5kimqnZC9gc-mpqc1EAvJrN3EpNM2ewRuyeZVJFS5uXGFRwl4YzMqdEI97XOKUd0SsVOJ9hZ4IAU8J2at5HaO2b83gk6VD3qPGhkMLb58lNGlrM6cwh2yXr0AoWPQ8OUzbpZnMjvNSXaUT8DBdbA7wEeF2Qb9b4uS6_vr2_Hq4kgbTAo_icF37EGia_QxMPxvkTRqkO5qXvI8Rm2pzZdMmz6l9Im1n0DoANyeXKHXoOLY62epaKoTq9maxXc2lqkiuAjarJ6UD1RKjeC2KvfmX3t5O9u7gSG9rXZP6w1giPQLb4PLg6sCSQlmkZ1jf5eU0ImnsfeoU4A5DBHxltYm6e9bpgEllm4OIEAbRm_eEaolBTQPoZyXjIxw-QlPj2mmqAvtVVzK52vx7QuZDxDwqjLJiZleEGpZHImdylBlRG4AJqi_qi6IEsZPs6mEHTPN1o-ZCnv8mQj-rDsXH6lpT4WtQW0XwZlO7hVdN1zvf3zj0AEX4ha1G4utnl9mFKyUyRPA4a567mfRACzvTFC9g_k681caDCvuOhejK_RXz2Q&sai=AMfl-YQ418_L0u94XH57gedFi_i9mLbGLu6PytNWzNDGyEfecpgXXiL4IXIlU1SHchEdwYhICyX5hHsKvjZLpoo6Y09AUwGbPjXqFSdp5cYB_1eaBoMtA07usajzOnt4Uus0FvQMP9V3VO_xQv3DpBymbXO1dH-eaIR1ZHxdHCixUgddSatYynHQh6gM6iSnBYy69EPXRZFR9amRMpcN_VY0XrVt8JXQWy6n4GTJv_wuT1QviYzYq9oJ96mBP88&sig=Cg0ArKJSzKNdC-2ULFBVEAE&uach_m=[UACH]&pr=8:2258C73E8AAAA152&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=6252&vt=11&dtpt=2417&dett=3&cstd=3781&cisv=r20231108.25866&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4F42 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstupoAtBTzF3qAwABZg9x5kArX6GWtpIB4OSBQPd2p10k7zzyDfQWtLpDgarRuo7xxrcNAA55vh0pYCyG_8NlWVyYXLJ8wihtBgLavnfpuzt1W-7Gj87PabbG1vYOzKi6jkh6ei3Fg4ICtJITEzzuI1uYSpdNOjRPadxljDb_JjH1ZMeOLm1pT_1MBqFVTVzShnmJBER9ehmWE99lIdSaHN0HtZfOSFamq_sjfDG_BXh3EHwXwHSJrMzpgXZ90ZCwNYFZqf5_Op0PcRNVlM2vE9E-fLXkLqg5nF2Z4g_NaR8tgw6WJeDlNEPHTfR9YDpIcYIhho2xtgFqqJp_is1Kjq0I7Y9RzL9jRxuEGiiGMd9TsPJGUsvSs1i89Yoj-QVKPjoLO8bHZVlRSBb449eKg0C-xhJaEl0u1yeRN5R3baKsz2SFdJPPfmJk1kEo1LUsa2JI2oyiGsupoq7R0uAYrRi-ag6dRLqQ4Xpf4T06Ly5N59ld4T-m-Pci5OpIf5EJvc2xqRrNqLBYkb-Yy8RpLAZjvFvaxXWVz5k0CLJvSFXyTHNYQpJ7P1fY4EVpb8jyCyBEYN2rJZY4TIEPcv--27Knf42ABgbzTIOiWEPCPtiwgFQ2tNdTozSA2vnt0QQV11L1Ab8feb9fOfqPkox92RQHiY9ApBbnti8c26CkmBpf0KzejiHBkQTGwnzYd_2l9qsLfFnUfwV6pz9aq9In7zdvpsYVlf_Rve-9ojp6A-JkpuFjQAgYB2-KrWDwneFjTh2JhtAje2A-f4jzLumfFhcgKzkygyqTrr77Uyk3dOKU2LlNQltuRlNLSdQrTNeYKfltq-lbv0seq_DzaVYw3K7DHQ3X05CoDzg3EovrPFYyzzCOrLwS-M0Cu7yzPsAZN2E8SWENTsOEVEZ8TI-_cPpLslFM3EUZn674fJ4HSmcvwDJAHn6cfZ9tp7zaKnXm5DeW7A_GoG61cKa642l5PaRpaYPoLKI8lAK3nRK8GSgbKk3GJGiHz4ToQmWuJAEOkYVqoT4C16mIvcZIHV0xLkMK5g3cuYTwl8XDla10FfcUPiljFP-c6w3IjPyJj1XlgPSJw7-izjvf3uzz9R5BtJhF0QITq0iIMOUdB8gor6O9aBNEbVUcdo1bIH1WAgnexMdiR1fNdeAUFMfxEcEOOmcsgvKma3dJ8165pz2fwg2S631rtZH5Jqu5CRvLPrvc0L1tRuYxC-uDbFBBRr9O9cXtwbGzNVggZsP5DjhhwW61BeiRpiQaczlTA98JD7VjBH_WZYMxg10JjX1lR4iICUxS0qTzGKz6_qlDGHxSVD_JOhitAFfsJq_M4vd12PBw&sai=AMfl-YTjMeR4D7O6x54oFWRVl5829jXkbzvriHaJ7iAn8joG5lqBog_zK65ojKgASTzGNuqc0_maRE1J4VHlG0LvLtxd69iY51GD_PzTEMa1aCBkDy_8ka75VHVTX4rfGUpiN1lRhDcEwDZKz1twzULrhU_po1cOjj3B1ByALtVVL9H3GVDCyktzbpHGXGHMDGEwf_T_PR4rnerlcDR8C6AuEERsHZx9_hBLbGPL1OXfGVfvNMmGcdaRlkkLSbY&sig=Cg0ArKJSzBfWDeJML32vEAE&uach_m=%5BUACH%5D&pr=8:2258C73E8AAAA152&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=5426&vt=11&dtpt=2414&dett=3&cstd=2977&cisv=r20231108.02496&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E576 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3035
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 15:42:33 GMT
expires
Sat, 09 Nov 2024 15:42:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 617D 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
058bfd62e370ac55391bad045c25a24c8ba80412e17e8e39da6e97960ac31494
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NRKsSjGi3w8vABZ5N_fbcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-NRKsSjGi3w8vABZ5N_fbcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 16:33:08 GMT
expires
Fri, 10 Nov 2023 16:33:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C9EB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3035
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 15:42:33 GMT
expires
Sat, 09 Nov 2024 15:42:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AFF9 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
11ba48de51ec1617bd546b1f6d45811345473404dc4154afc5205ca90545b111
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XQXL5pifKvzQhePFUZXx1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-XQXL5pifKvzQhePFUZXx1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 16:33:08 GMT
expires
Fri, 10 Nov 2023 16:33:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 86A8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3035
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 15:42:33 GMT
expires
Sat, 09 Nov 2024 15:42:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1B59 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a98ce90ce7a2551c432b6993e0c61b3b9b1b8863931d567f896a65b7d0087128
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-51vrfO0yzVxJ2U641g6ERw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-51vrfO0yzVxJ2U641g6ERw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 16:33:08 GMT
expires
Fri, 10 Nov 2023 16:33:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 807C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 15:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
3057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Nov 2024 15:42:11 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 595E 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=917218608026602&correlator=2154901281558156&eid=31079443%2C31079519%2C31079522%2C31079523%2C31078015%2C31079527%2C676982996&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90d_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=15&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D844df475bb5eeae6%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_MYcLTca-AldOlRnbxNPEw1wJlqeQQ&gpic=UID%3D00000cbf89a7250f%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_Mbx_oj8txuoS4whmloLukh8SlDFiw&abxe=1&dt=1699633988123&lmt=1699633988&adxs=436&adys=154&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=z5rv03920ooy&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&top=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&vis=1&psz=728x90&msz=728x90&fws=256&ohw=0&ea=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsn9XWW1irmeZPXRrPFP6898OikeDOR03MqrHJRoK7rmGA1Gc5QXFCp_qXQEVhFSglQX2lF2HTf_erO4aAPeBKMTizHwvT1B6W4%2CAOrYGsnASuV1Y9gu3Ttaur8Xlcm6Mvn7N4leesOU7Fu8ImYkvVqh5zzrxw1CWfmdP-or2ENfmEV3CqA6ikdsAmztVEFQDELb%2CAOrYGslEvIm1GYm59ugp7kIdOrphXGjjumWg5jJG2-Ejcn2GXJxg2mLDibe3xR6Jd9yRE-Zp3TwHmk2QVFicQm0-O1s6YAoi%2CAOrYGslsjNvs1j0MpO9thgO-TjF2fLzRq8I7XP0qzqyjooEbxGikL3yeM4xegg9ggRZNaaD45Vn5448_UEEEg2LQVx5yv-ae%2CAOrYGskgY2KyL0z3chmRH7B4xqy4OS2vzRGhkoKdKQocYnW1baQSSfKSmkrfW1_cWav2CHoPtl1RQmriL4ccA_wFW_XiX0WVEmjNER0%2CAOrYGskwWtRNXI4TO19OEDbINzj1CopcMBjhMsHpKTy4K8NKA4F-9gzcyh1VmrgU-JMpCDwXuCON2ZOh6FeNzsJ0kJcnlKnWHgnPl40&ga_vid=233581687.1699633968&ga_sid=1699633973&ga_hid=1249276230&ga_fc=true&dlt=1699633969881&idt=1901&prev_scp=Domain%3Dksl.com&adks=4283511922&frm=23
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7da0fd34475774aff3277f694f48edb82c033fc87544a20c936335d36f500fe0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12131
x-xss-protection
0
google-lineitem-id
6110887587
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138404649566
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ksl.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 952C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQmQHt-NnuNQKh6m5NDrPdOsQulXMLLn4JsORjkk2yXVGXEoHYZ2nyYPjqP2s0MyTkCVTNvr2RijTrvrnQsvhhv5Yz_PAR9D8Ho5XuvVLLk-FclCYligrFcb4CJwv5XiS5h1MRlbhFQGFbDyYcu1fGgz2qG0AF5wVyUdZEqPzNoT8PUO8-49O9tW-aDE0XBo2bwi5x8MHqi1vjB07xPqqRYroiK7q1UpNcVpNCBp6L1LNUIPWoPgvKGudgcuDZu-vJU8lsCZ9yYTyb70EF5X2rJhHvpkVZ2Q7EJGUeF5BrEihCvJmQYnbWsFV0ryvRq7cH2LMkJC1Aqmhef0DmjhM0Vaq4EkFsDodCfemS0iCW0XhwkfoDfhViGR0sgzV6aSS_QXIvauMc7ZT50-_17VL6b0h27vfn5bFxjQD8n4AUtF0cXQx6odI6p6JiovwE2Gfd0HGwxJyXvl2QkkIe08UqyQfdJE_iIr4nzze7HLKwQ7BAgkE6wpN6VZIB8qKsORWqXzVh4l8NRUdIjWdwte6XjXfeVLFuCyKHdgdL5HAPp0oMb-sp2MIRpeKCjpW3AsELG099JTHrU-ErwqimLC10r4gA0zO_ehVpeW5hCAC150lmPoMVCZkVeZzR2YOhGR2PcoAgCLYaB2ABWDQHkdjKfqzLVtb39rcgFZa4Hm0xLMaXrmufrFYd-HpJ10wootL_2pcdT32pfpoU7wmf7y4-qUktuwnph6Qz5rGnCtWqvGqFA8LE58HfKiYAJ2kSfNCTQvJCo3-8Kea1j3P5XiCjKH7E_6lb3qWGMkcJT1rZqjQ8O16Fhjsw3bbC9O9fuFAHeOuGQotQspDS6PXVOdIP3owdRVCFEEVS2lIAtGtvzM0A7lWZoDz9KpGc4cdSgbtP6poaBY0B7eixvYkCwwkco6SsbO7ZmDpEuDAxnS1m_Dg0aAHhxI0hgwMlhFPYhO2UlqLfa761J2gu8nRsBCgebJpMjc4yRI9CD2_zMkYir8MOSv9cU7UzYN8BMqaGD21741ON_4krct655Knh__Fxm2eWVeyBBME4rL8oT3WOZ5CoDHx1ukEmAS5LV-W4QBZh709Y9UDfZ2ATuLXhRZy8c_FP9T-KVY_u46Cii0ozSJDb3t4sorC4BVnFydxcoB0vLXREZuSycb944u7uZYoVNusOdv96VpMNPFhUhKbqsQIg6ivlVcXsewllVS1iPIAij7KgWmi2b9CIS0s1flj1d2dxUx-yoMHjZWZIdMe2xBHj9sNnGpgusehKH92aX_tv4Xn6orf7cuHsLzkD7Wss225P00qNYKX_h15LlmchQ2KH5YX0KGV2o5UGdHiO9dAE4fArUx8KRTg9SQ&sai=AMfl-YTl528dKpvcJXjgUJatmlI-s_ewPaMfa32Fw16UF4b0O0nnhLgGfiXmaUppQ0QWx2lGs1rnxB9Jt0ySR1cLPqKAPVYsvwQFgNk4Ha8bgEO-pWyRpRl8RnBqCCDXpZkSgfmUsYL9S7NT_bIYe08NJL14vyK0D1tArRx1PH_YokJvS6Fk60brn-yih0e8XPahcAS-Jkg4VWoBWOoJxa6b-WHSzoP5ZSGGXIt1MpzmcokUO40firlnPd5IEYU&sig=Cg0ArKJSzKYsTxkdu4ZQEAE&uach_m=[UACH]&pr=8:2258C73E8AAAA152&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=4122&vt=11&dtpt=1451&dett=3&cstd=2616&cisv=r20231108.05459&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 703C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 15:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
3057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Nov 2024 15:42:11 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9D4B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsubfityv1uD5R-8V8iI8TPPCeu0U1lCyzlkTMn-nNs1eAfGLvbRJjeIEP18I6TxX6f4maJSOHZqJ3UCGNOvOlOmt_GE9-eHIs4ajfUAlmuVwIO3LW9rOejXWWkoH084ExHBJBllxTiwiM3QI0I1K8HXcv-92JNqYGAs_sSzLfVoArLoyDj7jgE9jm-UYMA6WS-yAgD6qEIlzvc0MrzKrXvAomBqASFM-7ijMrfskEeTTarDGVoWGNxXgjARpmCzDV7Yjh1ni4YnqKllmGOCoAjvLXGCEjMN6j-VEVpAfQXaHoLe9BAfmo7G91GN5WUpA6qNJzofspjd2YafZknaHgJyQt_UhGAgMNUEpxCGzwBDq93rHnN3gPV_nndmcXpf0unc40fP9ZqUL5dUlmdAumL8IJhkzy7pzfc5riOOfyvP-eJ_rKnggr_8L2vpUhtpkf91QKFV1f4UIJqfGrIe6K4BPPYtndKO4r11Ecwmudyi6szH7AAP4tQsUusRMb_2oZekXTHnB7t7-3A2jXV7AimegpwDgq9XPnpD_6oP7wdfVM7sCvxIDRp_4tFxX_Rr76vsW1hh93WmJNEUmZNW7s9jl7AXTbgqR4PPGNOqcT5vl3WdKrUdcYeQodGdnPQtuAYrUnmVR2zr6h1BT_C2Wa5C-dt_rhJYeW2isbDkvR3-49ADN6EwQ5DkH6mJV-iUYx6ARmxOANpDiT3zirI-11X7u584uzvcgFOK6s7V9ZvJ7DfT0RceAjT7MuzPUWY_fOKDDvkZQvgBPZphYoBN0nn5_BPFlfrlE0AiklLyHD5B7wlU2JL6v7hqQIjXHqU1jM8fIlArvf7D_Wm3h4o9y-uZ56PbHSTvPov88P2N33Z4-ih0UueCArwaloWL44MlatvjCGa9erz4TJ_IonGtFwk7vDW6Di2nukhyF9AN1zkkJ37tnX8gfdV4JlaLYmV3ewMwkaRU82mHdzUG-7yzRK3elcUPtR_4-o2sebEJlbKHzmwK4B_RHCTfW0X343dVU2zX2bhtT2fJo0BWC8OzmKDxSBRS5zW2wTryhRjdfrUdY8FQ1bU2h0GhMH8G9lHRI-2LGN99pON2eJDOGUaJT0vMMdFgYjXINPyboIs9JB4ANVwqXH7UXMD6G1AeNx5HhIpX6QMewhWrQudl3RsfNYYBjjdRLdUscgAFmV1ueIMq2u4xzU5jeXxP6H1b4-9hwAh_VxD4lF_djDGWsGVGFPUmE4uNoxWofsMCzCZVDOpQd4pPm5vHuX_fGsFi05Ypx0IHxW3M-wNwssOTIi_Q7bEvhnNeat55R87pi__HT2bt386vF_j8KB_rpUzXnksLeGN9&sai=AMfl-YRxS-PXNJGMUetfTQqA-UuuOI04ar0SzbWxg9RiFG22y1FKw4cKBAS_C1aGYPHnTFQjwG_v8jq0mhWyeaewbFaiALvN9YHdks6xoEBP7-vbQygRGd4azvFUwjYsaeUpUj7dUQjeSgOsaNooLkBgcmBp-2tBSvbtF9k0KzRUE6HBAtLmdJZGGuIFvjkSPJJtAi0nO_BJjb1LQwxGL7BKMRoSTgpppxu90pOuuerjmiPBLh5HNAgfAf3o5WM&sig=Cg0ArKJSzHOnqy6VHl1CEAE&uach_m=[UACH]&pr=8:2258C73E8AAAA152&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3266&vt=11&dtpt=1356&dett=3&cstd=1867&cisv=r20231108.42993&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 4C84 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 15:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
3057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Nov 2024 15:42:11 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 877C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 15:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
3057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Nov 2024 15:42:11 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0429 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvGmRXXmA5eqrQBiQCqnYlKKYVRy8rpa_F0ZDfB7UInwb2aKyDC7Ie5lY-fuLNRMolbG12tcDgfvBL3tRvhJPF2VBdaasjrPs1eF3PzXM6_bCsOBmNjwNidedT61hZALnsy_ClCFFsY74nogBjiNkGPc7W-hu55YmRWYo3c91B8_sDmUcfJoQdU3vWrZiEIdoG4P6JJm3i_5Rkit017TFDhej393fHjTH4apwv48G5ysVm_Jk_NRU6-7kXN5hiRHk3aUYbtlOpjNR3jfllJCMgkI1itki3EDfjE0wJEI1PD-_tzr7PvhLFSPRvSNxh_0ko247Q4N_ob1-7rfnwdd84CnBqqyJRe9YuaMeTRyqAbHf8skLzRXfXdSiguqZb3dIAQFIXojlYNDWNoc3Hp03I3Eab62se8rcDNi3IpGj6Is9FJEhqW8dMPGz-zfYsR5O4r-G574PjKFTYA7SeFNDvxg4Q2sgOcsace6e1wehFkhR2cvnZ8itNhxLcX1VFhPpXM3XGEvn5xR7BbNKpuJQJFnHIpufnf89Xv1H0UcNbAR9x-xIUfAYcJHaMvJU7J0lkkLyKn6thi1W3OGqd1ZVs_9C4j-sago-paKcdh8djhhSC_sW1lcX9qbzdJBUVKJaaZIERxgSa3ij-hayK_JBnORzkoZRh3FF6VIrnDgbBaEFvMiW8KFgO2Kj4YOYcWgOzMrt2zpmw0oAGa-YVhszgsECaZNg-Ods143G9yb4ub6B0zZdfEZfRAg1NMVL_pL18av6vKiQwOGo_jPk15kNTbAeJijWkDuTSsH8bGJ8MbEYQ787HkKmAA4XQMq1qgIqYf6KP_vGJ98gTh5mvvseINGImVrW6W77Lbdem9GCtg8wxlGVfHOCYc8J3w96_MpG2_JS06ZoC9VTlV7rQudN8OgBLlYxVUhIAP16UxxaDL35-I16MgJ1m5m2ckAR1X3R4MzcD8YlHw3Mrs7y4aTIkDFAOK2uu6r-0BFmW3BzPDL9OM82CrYJb7LKna32uSh0gzGv8D31JLXzyCx4xD6JqZh1-cUjShyCRZFL6uaJTEeJRzrB4ujZGbt42NgAWDlT9228vCklwqS7FjfsGmbOK1GMPu0x2ijVl4W6YgAlpNF3gcya7oanK8igRKATxAjp0Su7TV1d8xHeotzTMDEmvahBp_TP9oLNyWTP2l8epyjNU558ZbI2LpK6Rtj_BcT9nfLmMhZPMwzlC-czRyMi_rYpiWavR66WobMMIu9GZ6PeXwHpYWLi3kro_hH2BQ0TSwBE7RtTNHR7jCE_ND3M0anqjjViFnLbZ2ntd_WQMsLo-2kk-u3n6LSK0P2roIVqHl&sai=AMfl-YQQyF2TSIWv0O5QGlpHIHDxi6keGIGcHlEH7w4qln62BeTyHo7eEmxmdSVqUAgXOxKYSF8GsEbQTQ4KAAMs_fMEVD6FEqdZ67anxr4_r_6qJUAVb65T05bRcvMj7xKa8kUpvlRTKj8gfHufpCyeOJknJczR4V1tbonP8zz1o_KmBg7Kr1D6EVEsvBmJIOp0VDsTRs8DjNQgYOsaVK0XjJdqUUrTbZuECm15Oh-t0TXdiHOotqT3pheliBw&sig=Cg0ArKJSzO6hAqEApaYAEAE&uach_m=[UACH]&pr=8:2258C73E8AAAA152&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=5060&vt=11&dtpt=1218&dett=3&cstd=3783&cisv=r20231108.89637&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 4327 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 15:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
3057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Nov 2024 15:42:11 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E704 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstSmFHwdDcA5Sh1JzD1BIP1FO0mLUYDAEpVWRwQmicltS5HGcDAh9Ow7h5ZOpOvbi3iodeQBT-xMu1aJIC-bldawl8KG7WTVW7LRzSXsntHf9GDt3gJrO4vn-qwaVZXECBAzUAUKSMW4lIo_TSXGM-jBvaJWeLm-GsqwSS7Vxu5YpSK1iZGfrD7-9m-EGc1SESVumBwein8NnVSL50AyGidQkO-gkG79cAJeJPlaOoREPtP2E7JvCdhd9QYAaUAP0L4kdtLoMo2nEo0_cXN1vNO-tFCZNqCzlK1hp8TNust5mhMxtKKd-dNwPduHzYmbLCjhjdUrvVl6ZL_pgEj5C3iW760I8inFdRPKUKe1u7GLLgYiz9S0DCHn_TMsVc9Cd1AXSZSJxw9PKe1JcaYygBm4ON3iK_foAttDoFCx_dxsWr5cdj9k1CwT3GqN694yEN4Qews2IYBFEALG5C6fzIVvUIEq03-w6uDQF5No1ou6i1grs0sHHrzqjMD8X5Pi0fARbu9Y4pNUi5-PYt_N7nnkuwOxcbsHUd_WUeQSy6FoAJ_GLVL1443ewW2o9ed3VsfyuJ8FIsgz5-otMlpsEeWCP6cbyohPJh8yV4oiL1qvWPLbP0Jb_bE_EFfYlX7hyzXI3w7M-ssqeTvVGH-OaCl-g3o0eR8kkwe_hqmMCKhOt_XDkVn04dU24oYzC_bjVz_tMkOVJaocJEDCVW6tiDQOVVyvjA269VolO44FLTrDho4vZHLA4uSOcLT4N0K3aJSzp6ienJsYailnb_XoHzb-axGhljCSPLJENHI8_U8pUdjQ6v0EMWH5bgWBBdPIQNVgV-DE_7MDps1om6Zdcw9JfCVlneNoRinT14_jVuC85F2faOcpVgneZVhljtvF6J4VjnmnVW3s1VdcwdzaVmav7QPciRJk0XCkJeYZOMe_X6gmaUYumI0VWrV8xQN6BPhHqklC2GThyZFZN74dNezQWpCM51xDkxkqEeQ3eKHnBKPu6Xm_KXCjIgP9gJktrc72GHUjkrH48UQXzfetWcdjfqLUSx-rekN0lIrVgQ__e4ha4wgNMCDcT3GOOV-BrRc0yejesyZ007s_ut-iGqomiRswsY3dJUz0BIaQs-imcTbLnli6F83rB3U6ofb7sFu7f-IPSq-0_vUeKFeYOnpBqgPiLgjfJKpDrh7BCyG9mrx_LPvAaeQtHMeFaxFp8bTI8Yy5wlsQc4zMZbuQyfOfq2nDNSHEeypca4GpLB2k9-WKGAmJJZz8qzd1PP-KPkSxEsV14okFVzITN3EIEM6uCpUNqipOAQQ3Q2agTQzKvYOFsdFicyya4VnwBljPiQE&sai=AMfl-YTgx_0gM7rwYFiJKRrkygokIihEWw60fAJhSz2X4tDnqlvNbL6hnz-no9uOxPflVoDQDO-W2ERQu-Hk4A_Q4fjWdi65QvmCsRPgH7BgBBtfYG5XsFQXA0_chkqA6gR5QeDVEQaYIBq-KANx0MUtJ6AWMkTx0l8lBjCwmQ5t8jDw9LocB3CCiF90gPtvff_zb7hu1IsOxZUoqPL9VGrQyL6dk0naadJ244x8kYGZUvxJlojt8A6MeKN0WCs&sig=Cg0ArKJSzCO9wjSgHePFEAE&uach_m=[UACH]&pr=8:2258C73E8AAAA152&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1846&vt=11&dtpt=902&dett=3&cstd=913&cisv=r20231108.01255&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
BestSparen_728x90_1-stoerer.png
s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/ Frame 2F5E 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/BestSparen_728x90_1-stoerer.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3cb5b8b66ce54c2874390cd800bfcb6e3ad2616d07c74a66affba3592f5cfce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 04:46:30 GMT
x-content-type-options
nosniff
age
301598
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19768
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 13:27:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Nov 2024 04:46:30 GMT
BestSparen_728x90_2.jpg
s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/ Frame 2F5E 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/BestSparen_728x90_2.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d23145bc23713908375483b6e0414d315cbe2b1cf9e05fc5ce6f7b82a1e1bc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 14:55:49 GMT
x-content-type-options
nosniff
age
265039
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46499
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 13:27:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Nov 2024 14:55:49 GMT
BestSparen_728x90_1.jpg
s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/ Frame 2F5E 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/BestSparen_728x90_1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ae9c91faf3632411071a3d4b5bf7f98c9200643577e9639bd3808ad425bffcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 21:20:39 GMT
x-content-type-options
nosniff
age
155549
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21324
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 13:27:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Nov 2024 21:20:39 GMT
BestSparen_728x90_1-stoerer.png
s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/ Frame 3913 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/BestSparen_728x90_1-stoerer.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3cb5b8b66ce54c2874390cd800bfcb6e3ad2616d07c74a66affba3592f5cfce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 04:46:30 GMT
x-content-type-options
nosniff
age
301598
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19768
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 13:27:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Nov 2024 04:46:30 GMT
BestSparen_728x90_2.jpg
s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/ Frame 3913 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/BestSparen_728x90_2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d23145bc23713908375483b6e0414d315cbe2b1cf9e05fc5ce6f7b82a1e1bc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 14:55:49 GMT
x-content-type-options
nosniff
age
265039
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46499
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 13:27:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Nov 2024 14:55:49 GMT
BestSparen_728x90_1.jpg
s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/ Frame 3913 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/BestSparen_728x90_1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ae9c91faf3632411071a3d4b5bf7f98c9200643577e9639bd3808ad425bffcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 21:20:39 GMT
x-content-type-options
nosniff
age
155549
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21324
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 13:27:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Nov 2024 21:20:39 GMT
BestSparen_728x90_1-stoerer.png
s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/ Frame F166 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/BestSparen_728x90_1-stoerer.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3cb5b8b66ce54c2874390cd800bfcb6e3ad2616d07c74a66affba3592f5cfce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 04:46:30 GMT
x-content-type-options
nosniff
age
301598
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19768
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 13:27:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Nov 2024 04:46:30 GMT
BestSparen_728x90_2.jpg
s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/ Frame F166 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/BestSparen_728x90_2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d23145bc23713908375483b6e0414d315cbe2b1cf9e05fc5ce6f7b82a1e1bc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 14:55:49 GMT
x-content-type-options
nosniff
age
265039
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46499
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 13:27:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Nov 2024 14:55:49 GMT
BestSparen_728x90_1.jpg
s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/ Frame F166 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/BestSparen_728x90_1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ae9c91faf3632411071a3d4b5bf7f98c9200643577e9639bd3808ad425bffcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 21:20:39 GMT
x-content-type-options
nosniff
age
155549
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21324
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 13:27:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Nov 2024 21:20:39 GMT
BestSparen_728x90_1-stoerer.png
s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/ Frame 09CA 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/BestSparen_728x90_1-stoerer.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3cb5b8b66ce54c2874390cd800bfcb6e3ad2616d07c74a66affba3592f5cfce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 04:46:30 GMT
x-content-type-options
nosniff
age
301598
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19768
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 13:27:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Nov 2024 04:46:30 GMT
BestSparen_728x90_2.jpg
s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/ Frame 09CA 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/BestSparen_728x90_2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d23145bc23713908375483b6e0414d315cbe2b1cf9e05fc5ce6f7b82a1e1bc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 14:55:49 GMT
x-content-type-options
nosniff
age
265039
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46499
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 13:27:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Nov 2024 14:55:49 GMT
BestSparen_728x90_1.jpg
s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/ Frame 09CA 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/BestSparen_728x90_1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ae9c91faf3632411071a3d4b5bf7f98c9200643577e9639bd3808ad425bffcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 21:20:39 GMT
x-content-type-options
nosniff
age
155549
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21324
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 13:27:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Nov 2024 21:20:39 GMT
BestSparen_728x90_1-stoerer.png
s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/ Frame 02F7 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/BestSparen_728x90_1-stoerer.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3cb5b8b66ce54c2874390cd800bfcb6e3ad2616d07c74a66affba3592f5cfce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 04:46:30 GMT
x-content-type-options
nosniff
age
301598
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19768
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 13:27:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Nov 2024 04:46:30 GMT
BestSparen_728x90_2.jpg
s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/ Frame 02F7 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/BestSparen_728x90_2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d23145bc23713908375483b6e0414d315cbe2b1cf9e05fc5ce6f7b82a1e1bc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 14:55:49 GMT
x-content-type-options
nosniff
age
265039
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46499
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 13:27:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Nov 2024 14:55:49 GMT
BestSparen_728x90_1.jpg
s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/ Frame 02F7 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/BestSparen_728x90_1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ae9c91faf3632411071a3d4b5bf7f98c9200643577e9639bd3808ad425bffcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 21:20:39 GMT
x-content-type-options
nosniff
age
155549
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21324
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 13:27:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Nov 2024 21:20:39 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B3AD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssiSN2P_c8JmRTGDw8ny8Mv9GHZmj2ygvHBkxj7UMMjbMHcjrQrEhMX0iDKweW7vlSlu8rTrL4GJt4U1qtE6tZSSf-ktL-fHAjTcul2Db0HNjQnvt6EYr6ugGfU&sig=Cg0ArKJSzBqEiy6B7QBUEAE&id=lidar2&mcvt=1009&p=0,0,90,728&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20231106&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699633974711&rpt=12648&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=14
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4F42 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuF-sn_jneYS4w5P4eZEVN8p3QDMAtUHoc7a1MIkA4X2k8PcZjhBNcAYGJ2uMND6f2GfFYGWVvE6VDU3HcIy_6BSr_8qmrnHcV4tSokZc-4F3uimEcTl25MqN6n&sig=Cg0ArKJSzODhuspwYOPLEAE&id=lidar2&mcvt=1014&p=0,0,90,728&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20231106&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699633974897&rpt=12502&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=14
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
BestSparen_728x90_1-stoerer.png
s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/ Frame 76B3 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/BestSparen_728x90_1-stoerer.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3cb5b8b66ce54c2874390cd800bfcb6e3ad2616d07c74a66affba3592f5cfce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 04:46:30 GMT
x-content-type-options
nosniff
age
301598
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19768
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 13:27:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Nov 2024 04:46:30 GMT
BestSparen_728x90_2.jpg
s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/ Frame 76B3 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/BestSparen_728x90_2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d23145bc23713908375483b6e0414d315cbe2b1cf9e05fc5ce6f7b82a1e1bc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 14:55:49 GMT
x-content-type-options
nosniff
age
265039
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46499
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 13:27:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Nov 2024 14:55:49 GMT
BestSparen_728x90_1.jpg
s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/ Frame 76B3 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/BestSparen_728x90_1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ae9c91faf3632411071a3d4b5bf7f98c9200643577e9639bd3808ad425bffcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13072349498928553921/BestSparen%20728x90/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 21:20:39 GMT
x-content-type-options
nosniff
age
155549
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21324
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 13:27:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Nov 2024 21:20:39 GMT
bl-34df212-770f4526.js
tagan.adlightning.com/deseretdigital/ Frame 8A33 		58 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/bl-34df212-770f4526.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74d01e8587e381b55e6f39a50fd9550b8d2418b2e90b82c407fb6ef2be46b251

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:37:40 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
hc.n5KcAgwbsAVYNvW8A7kk3FOE5y1yR
x-amz-cf-pop
FRA60-P4
age
89728
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24949
x-amz-meta-git_commit
34df212
last-modified
Thu, 09 Nov 2023 15:01:11 GMT
server
AmazonS3
etag
"f455cf8683b4657607012d3c5ed3cd81"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
iXeuaLv-00AZlvB1dY5q-0duyvsGxOxD04kqDMxE4QAf0rDt75iUCg==
b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame 8A33 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 17:34:10 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop
FRA60-P4
age
1119539
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29795
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:21:55 GMT
server
AmazonS3
etag
"8e8814a257127c5444a137691d0355fe"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
WX56OoIwnY9daj4xXsHTlSBMWP14srnKZe5r1_rALzxu21pn8rs5AQ==
b-5f40b44-9f6c1b2b.js
tagan.adlightning.com/saambaa-deseret/ Frame 8A33 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-deseret/b-5f40b44-9f6c1b2b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6611a010c1c02623f19baee463ab2bd5d3ca94f8a6cd0219b243212fd1751423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 18:10:55 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-version-id
fP8PuZH8BatVq5HXfIsv4.6uZaG8ahhC
x-amz-cf-pop
FRA60-P4
age
3882133
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30497
x-amz-meta-git_commit
5f40b44
last-modified
Tue, 26 Sep 2023 18:10:17 GMT
server
AmazonS3
etag
"ee93a36c1860a5bf0ba3dd2972e0f548"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
NIgCPQJnZYknxwNpWDBL3c_BMnfUCCLWuO99RssVZ0_GbBxmc88rlQ==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 8A33 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
512ccba31211eeb78e9d865f28f3fbfb22db55cdff95e09c34a6b0f5061adf82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10200
x-xss-protection
0
server
cafe
etag
17715626028257113389
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:33:08 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8A33 		198 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63768
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:33:08 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 952C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss98Q2mqDgtWm7zncqHMl5rZ_A7G8LXNAWHCdx5TPEQvcPQLBgHs3GKz8YAxNbDP6ZsCy0E0l_4edwWGTPciDgx2DwZ08WQCqjS--pz96wtTbMVctBlozQxup3E&sig=Cg0ArKJSzIHoCTd-TUa7EAE&id=lidar2&mcvt=1314&p=0,0,90,728&mtos=1314,1314,1314,1314,1314&tos=1314,0,0,0,0&v=20231106&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699633975578&rpt=12036&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=14
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9D4B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOWKQXzH1vjsfvz9eSmyxUzNuHKziUHgNHbnYRFiO8EjfreD8aQutyrjYYDQ64h3rbxSNzMRQeGk3D7NhWuWtUzLscvGQoRqd3_i22-nNSvPoNyOEdJqTjlj2s&sig=Cg0ArKJSzCKDORPZq0QaEAE&id=lidar2&mcvt=1188&p=0,0,90,728&mtos=1188,1188,1188,1188,1188&tos=1188,0,0,0,0&v=20231106&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699633975707&rpt=12031&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=14
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0429 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNLp_kKHhXQAwuc35Ek767UIEWuShhc-Y5ohYGzvmG9Wx6sgXuDyK0BAHSZTEydYCRnWkyaZ9S1mFoCfxfGx1OH9jVuq07OWu3yS_1ZdtjBBRUudQt6zOsQpJ0&sig=Cg0ArKJSzCEros0FBih4EAE&id=lidar2&mcvt=1103&p=0,0,90,728&mtos=1103,1103,1103,1103,1103&tos=1103,0,0,0,0&v=20231106&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699633975104&rpt=12721&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=14
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B3AD 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1413021285963&version=m202309260101&ct=76&x=8&cor=15390979966230577000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F42 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7912337333923&version=m202309260101&ct=76&x=8&cor=14322882442262220000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 62D5 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 15:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
3058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Nov 2024 15:42:11 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 617D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231108&jk=4431859809604424&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 1B59 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231108&jk=2311475159034933&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame AFF9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231108&jk=3362637149359268&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 8A33 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstv5Jh-ElpsUflmNo_GdOZ3-XEd6boujTzFnE7B3eVMILGVvnRAfivAKfsBpCVpuya5vWaPR2c4AZgIMqlfH194fDoUeh59GnFZFFHWUHxHzVnrl6tWYtcHOhVXPTHwDhiNzJLRyDGvLBtLLtZY3P5FbGCpmb1Y913Lo563ZWoEokLM3MmWIy17aICcUyfhtplcfsB6uTp8E39yE7eULrpZOmepErMCPRrqcaGlx8hPWJT4lG_kdXhSkRj26JfrWVxD1Kbiqb7t9bAN-W7lLGLUkUC9F9PlhxSPfxLH8AjmRNBol6_xpBZOs-P3Jq9H0V3rh8dsWlXSeaF7631XL4ZDp7UngHZ42OS-YKV8fOxAAw&sai=AMfl-YSq8QKnI-TtNVUUFTu7HF8ILS_n-VFuS6HO8UU2cP61tmSAad6gMTKfwH_sIr9J4fH1JQmrzowvrP9z3yzgDfxEQbGE4dXjjQOLIHVSUhBXI9srW098p3Pi33KRWEk&sig=Cg0ArKJSzIZ0yIfOVEqfEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 8A33 		149 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52511
x-xss-protection
0
server
cafe
etag
10181356014717019786
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:33:10 GMT
truncated
/ Frame 8A33 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a5207020ce54c10c164e38546924f2ba936fc73dfecd215fd2733fdac19e7ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 952C 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8739139595911&version=m202309260101&ct=76&x=8&cor=7120551725912834000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E704 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXbCCdJQ-gr8rhDnQvf9F0GZFvMm8nu9LGGPR8GKSmsWYo2fbVdoJ_wL5KHMS-OMmQrYoEsvDL2wnkL-UtbEyJIAkjcntVzHWgZ1UZXkeT1ngwS_Ni_0X9WRUv&sig=Cg0ArKJSzHFbPvkkYqIWEAE&id=lidar2&mcvt=1913&p=0,0,90,728&mtos=1913,1913,1913,1913,1913&tos=1913,0,0,0,0&v=20231106&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699633976628&rpt=11581&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=14
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D4B 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8274895450463&version=m202309260101&ct=76&x=8&cor=3345948237545349600
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0429 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2549094747969&version=m202309260101&ct=76&x=8&cor=8991302715973075000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
728x90_ak_v3.png
saambaa-static.azureedge.net/sidestage/ Frame 595E 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa-static.azureedge.net/sidestage/728x90_ak_v3.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC2) /
Resource Hash
3e18c8b1d97b6da1d013835a374ea4c88f5985ea76c176ebe93930dd9246bd21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 10 Nov 2023 16:33:10 GMT
last-modified
Thu, 27 Jan 2022 00:46:57 GMT
server
ECAcc (frc/4CC2)
content-md5
0BQeU1Z5BhFu3+87WleHgw==
age
110370
etag
0x8D9E12E85AF719E
x-cache
HIT
content-type
image/png
x-ms-request-id
ea8d7dd8-a01e-008d-2ef2-12a1a4000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
28093
gen_204
pagead2.googlesyndication.com/pagead/ Frame E704 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2402554832562&version=m202309260101&ct=76&x=8&cor=3700094749024771600
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 16:33:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame E576 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 15:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
3059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Nov 2024 15:42:11 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame C9EB 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 15:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
3059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Nov 2024 15:42:11 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 86A8 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 15:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
3059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Nov 2024 15:42:11 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ Frame 8A33 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.ksl.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ksl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 16:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138485
x-xss-protection
0
server
cafe
etag
3430276501448236594
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 16:33:10 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 68FD 		603 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=90&slotname=RON_728x90_House&adk=3207061216&adf=3176501634&pi=t.ma~as.RON_728x90_House&w=728&lmt=1699633991&url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699633989944&bpp=989&bdt=1345&idt=1385&shv=r20231108&mjsv=m202311020101&ptt=5&saldr=sd&cookie=ID%3D844df475bb5eeae6%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_MYcLTca-AldOlRnbxNPEw1wJlqeQQ&gpic=UID%3D00000cbf89a7250f%3AT%3D1699633969%3ART%3D1699633969%3AS%3DALNI_Mbx_oj8txuoS4whmloLukh8SlDFiw&correlator=1920673714118&frm=23&ife=4&pv=1&ga_vid=233581687.1699633968&ga_sid=1699633991&ga_hid=1715535032&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=90&ifk=4264501926&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079403%2C44785295%2C44807460%2C31078301%2C44806141%2C44807763%2C44808149%2C44808285%2C31079570&oid=2&pvsid=3658683040949401&tmod=1343131426&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4zreri8o2bwy&fsb=1&dtd=1522
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ksl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 16:33:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=50014a52-757c-4aa4-98b0-d55502c47caa%5E1&rf=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&tg_i.domain=ksl.com&tg_i.page=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&tg_i.pbadslot=%2F65889844%2Fron01_728x90c_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=31561bf8667d7f38&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90c_desktop&slots=1&rand=0.2537010803495674
Domain
web.hb.ad.cpe.dotomi.com
URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=476778&zone_id=2832542&size_id=2&rp_schain=1.0,1!saambaa.com,72000649,1,,,&eid_pubcid.org=50014a52-757c-4aa4-98b0-d55502c47caa%5E1&rf=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&tg_i.domain=ksl.com&tg_i.page=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&tg_i.pbadslot=%2F65889844%2Fron01_728x90c_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=3215284aaafc011e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90c_desktop&slots=1&rand=0.25431689132357116
Domain
ads.yieldmo.com
URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-2%22%2C%22callback_id%22%3A%2232399712670af2de%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90c_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&bust=1699633981780&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=1.1M-pound%20historic%20steam%20train%20to%20return%20to%20Utah%20during%202024%20tour%20%7C%20KSL.com&w=1600&h=1200&pubcid=50014a52-757c-4aa4-98b0-d55502c47caa&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2250014a52-757c-4aa4-98b0-d55502c47caa%22%2C%22atype%22%3A1%7D%5D%7D%5D
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/a/c
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
apex.go.sonobi.com
URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2232903bbf7139bb42%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90c_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&s=13c93a1c-e24d-4e78-aee5-6ab87bc41920&pv=42dcf765-bc4a-4ace-93fe-59fc7399b76a&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22ksl.com%22%2C%22keywords%22%3A%22news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ksl.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000649%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2250014a52-757c-4aa4-98b0-d55502c47caa%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=news%2Ctraffic%2Cweather%2Csports%2Cclassifieds%2Ccars%2Cjobs%2Chomes%2Ctelevision%2Cradio%2Csaltlake%2Cutah%2Clocal&coppa=0
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
ap.lijit.com
URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Domain
htlb.casalemedia.com
URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Domain
targeting.unrulymedia.com
URL
https://targeting.unrulymedia.com/unruly_prebid
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELxjf505YBXpKM9eEw1C9_A&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Verdicts & Comments Add Verdict or Comment

201 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| documentPictureInPicture string| ddmTopDomain string| ddmPageviewId string| ddmSessionId string| ddmDeviceId function| ddmUeid object| KSL object| ensBootstraps object| Bootstrapper object| ensClientConfig boolean| ensBrowserSupported object| gateway function| s2nFloatCallback object| vttjs function| WebVTT function| videojs object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog function| videojsContribAds function| videojsIma function| videojsShare boolean| _GDPR_ object| googletag object| pbjs object| kslDataLayer object| tempDataLayer object| React object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| cX object| rubyBluScript object| rubyblu object| ReactDOM object| scrolldepth object| lazySizesConfig object| lazySizes function| fitvids function| StockTicker function| PrepScoreboard function| PickemWidget object| ddm object| picturefillCFG function| picturefill object| pbjsChunk object| _pbjsGlobals string| nobidVersion object| nobid object| kslEventBus boolean| commentsDisableDepth object| kslSocialShare object| _sift number| 2f1acc6c3a606b082e5eef5e54414ffb boolean| mouseflowDisableKeyLogging object| mouseflowHeatmap object| mouseflow object| webpackChunkStripeJSouter function| noop function| Stripe object| regeneratorRuntime number| catchversion object| catchdetectrun object| catchhoneyevent object| dm_logger boolean| dmjs_loaded object| hHNPUO2 function| hHNPUO3 object| xop object| 3hy83pegetc object| -h903lx54idc object| rubyBluPageData function| setupRubyBlu object| gaGlobal object| gaplugins object| gaData object| getMessagesCountContainer object| KslHeader object| headerDataLayer object| ggeac string| apiEntrypoint object| RevCatch object| rc_styleSettings object| catchhoneydropevent object| catchtriggerlogin object| catchaftercheck object| catchtriggermessageagain object| catchdo object| helpmodal object| removeModal object| saveLog object| eventRecorder object| catchspider object| catchsend object| catchsendservice object| catchrecordrec object| catchunverified object| catchverified object| catchrclogin object| catchsubscribe object| clearexperience object| catchnewsletter number| planViews boolean| ab_present boolean| ab_service_present boolean| jsnoloadcatch object| adblockerfound object| adblockernotfound object| adblockerservicefound object| adblockerservicenotfound object| wFAFSw function| wFAFSU object| xblacklist object| KO6P0g2 function| KO6P0g3 function| xblocker object| m-ksl-messages function| postscribe object| google_tag_manager_external object| OneTrustStub function| OptanonWrapper function| OX object| OX_swfobject object| oxhbjs object| OXHBConfig undefined| google_measure_js_timing function| OX_28ae2e820ddedf function| OX_28ae2e820ddedf_onAdRequestError function| originalFunc function| OX_7348889422_onAdRequestError function| OX_7348889422 function| OX_3053f959aef99b function| OX_3053f959aef99b_onAdRequestError function| OX_4707601190_onAdRequestError function| OX_4707601190 function| OX_4357610537a6b4 function| OX_4357610537a6b4_onAdRequestError function| OX_5701181298_onAdRequestError function| OX_5701181298 string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData boolean| senddone object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_144 object| Criteo object| Criteo_identitytag_144 object| _33across object| Optanon object| OneTrust number| google_unique_id object| Twilio object| rccbase_styles function| __siftFlashCB undefined| Sift object| PluginDetect object| GoogleGcLKhOms boolean| DFPMessageEnabled boolean| updatedone object| k1tz5ac62v4 object| google_reactive_ads_global_state object| google_image_requests object| google_ad_modifications object| google_prev_clients object| googDdmPs

96 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChMKBgjdARC7FgoJCP____8HEMUW
i6.liadm.com/s Name: _li_ss
Value: CgA
.ksl.com/ Name: PHPSESSID
Value: 6mc9s212doohrmntk3ok72hid5
.ksl.com/ Name: ddmSessionId
Value: utxhg93zmbl1
.ksl.com/ Name: ddmDeviceId
Value: eea1iml9x93n
.ksl.com/ Name: bluSyncTime
Value: 1699633968251
.ksl.com/ Name: bluSiteUserID
Value: ksl.hdn6ukvhgwn1
.ksl.com/ Name: _ga
Value: GA1.2.233581687.1699633968
.ksl.com/ Name: _gid
Value: GA1.2.1789319650.1699633968
.bidr.io/ Name: bito
Value: AABxIU7KnLYAABPvo4Dr7g
.bidr.io/ Name: bitoIsSecure
Value: ok
.ksl.com/ Name: _dc_gtm_UA-72877204-2
Value: 1
www.ksl.com/ Name: OX_sd
Value: 1
www.ksl.com/ Name: OX_plg
Value: pm
.criteo.com/ Name: uid
Value: 6918561c-87a8-4756-9819-ae225d78424b
.ksl.com/ Name: cto_bundle
Value: wqBDY190V1RqV3ZKSVBKR0tMRk5nVmQ3bDFRR2ttQlFsWWFzU0NlajdmQ1A3cGQzRjU4OHU5T2N5eTFhaGVhMkJaRFVNS2RDQ2ptamNuVk9leW1hMlF4SjFibkdUQzI1QmJ3ZjhrSVVjTlZUJTJGUDJiRHJyJTJGdFVQWTRxZkV5MmtLeVJEeSUyQjZKcnFpWGFCTVA2ejBPaXN5SU4lMkZPdyUzRCUzRA
.ksl.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Fri+Nov+10+2023+17%3A32%3A49+GMT%2B0100+(Central+European+Standard+Time)&version=202210.1.0&hosts=&consentId=9ce317c5-ec00-420a-b30e-95cae5bc0426&interactionCount=0&landingPath=https%3A%2F%2Fwww.ksl.com%2Farticle%2F50775684%2F11m-pound-historic-steam-train-to-return-to-utah-during-2024-tour&groups=C0001%3A1%2CC0003%3A1%2CC0002%3A1%2CBG223%3A1%2CC0004%3A1
.ksl.com/ Name: __ssid
Value: 060e74bb468865b18c290191e1cdebf
.ksl.com/ Name: __gads
Value: ID=844df475bb5eeae6:T=1699633969:RT=1699633969:S=ALNI_MYcLTca-AldOlRnbxNPEw1wJlqeQQ
.ksl.com/ Name: __gpi
Value: UID=00000cbf89a7250f:T=1699633969:RT=1699633969:S=ALNI_Mbx_oj8txuoS4whmloLukh8SlDFiw
.doubleclick.net/ Name: IDE
Value: AHWqTUkddzVwD8FcNHe9-YuVSSHByA20apD5Zx_AU8QTpXxtn8hhNrtYlfiwgz_2H8M
.ksl.com/ Name: _ga_JW89DL7T5D
Value: GS1.1.1699633968.1.0.1699633970.58.0.0
www.ksl.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.ksl.com/ Name: _pubcid
Value: 50014a52-757c-4aa4-98b0-d55502c47caa
.technoratimedia.com/ Name: tads_ipv6
Value: 2a03:1b20:6:f011::5e
.casalemedia.com/ Name: CMID
Value: ZU5bNKWNMtQWX.mrcXnT.AAA
.casalemedia.com/ Name: CMPS
Value: 1142
.casalemedia.com/ Name: CMPRO
Value: 1142
.ingage.tech/ Name: instUid
Value: 29bccf64-7590-4da7-9795-e8390147c0fe
.quantserve.com/ Name: mc
Value: 654e5b34-7accd-f8770-969f6
.adnxs.com/ Name: uuid2
Value: 7265742245611248552
.ksl.com/ Name: __qca
Value: P0-2004685864-1699633972045
.quantserve.com/ Name: d
Value: EGMBDQGyKrjvsQA
.lijit.com/ Name: ljt_reader
Value: HokAsRZHabiHgYW-QmeohwKU
.servenobid.com/ Name: pid_333
Value: ZU5bNKWNMtQWX-mrcXnT-AAABHYAAAAB
.gumgum.com/ Name: vst
Value: e_492a0dd3-61ca-4d1c-a3a8-897bf14fcabb
.yahoo.com/ Name: A3
Value: d=AQABBDRbTmUCEIAs0Hnf5y3FNFn54VqmYn0FEgEBAQGsT2VYZQAAAAAA_eMAAA&S=AQAAAmwtPVuxx0_nDv0lE1OmXuE
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.smartadserver.com/ Name: pid
Value: 3176850909799481346
.ads.stickyadstv.com/ Name: UID
Value: ac6c45b1af7e260fcd386a36b7f7
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZU5bNKWNMtQWX-mrcXnT-AAABHYAAAAB
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1Mje2MDA2t7QwNBXiM9T1tSy1CC8OzCz2948AAFigXJ0lAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1Mje2MDA2t7QwNBXiM9T1tSy1CC8OzCz2948AAFigXJ0lAAAA
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_312
Value: 7265742245611248552
.servenobid.com/ Name: pid_324
Value: 5144588527380379815
.turn.com/ Name: uid
Value: 3817330636728049063
.servenobid.com/ Name: pid_310
Value: HokAsRZHabiHgYW-QmeohwKU
.servenobid.com/ Name: pid_317
Value: 3176850909799481346
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7b545757-4080-48e8-b12d-ce9ee5f1f051-003%22%7D
.bidswitch.net/ Name: c
Value: 1699633972
.bidswitch.net/ Name: tuuid_lu
Value: 1699633972
.servenobid.com/ Name: pid_353
Value: 0000EEA
.bidswitch.net/ Name: tuuid
Value: d895ada4-f3f6-42f9-a3c9-0e0155e2744b
.openx.net/ Name: i
Value: 01a3372b-0e71-4b5f-8f7c-7d45221498ba|1699633972
.servenobid.com/ Name: pid_309
Value: e_492a0dd3-61ca-4d1c-a3a8-897bf14fcabb
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7b545757-4080-48e8-b12d-ce9ee5f1f051-003%22%7D
.adform.net/ Name: C
Value: 1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 79cc6f011f637677
.creativecdn.com/ Name: u
Value: gVTAiOMn0WWeadP1g58M
.creativecdn.com/ Name: ts
Value: 1699633972
.adform.net/ Name: uid
Value: 5851998803673849921
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-22c03961-f514-3628-ae79-e36580725b6b
.servenobid.com/ Name: pid_321
Value: RX-7b545757-4080-48e8-b12d-ce9ee5f1f051-003
.servenobid.com/ Name: pid_346
Value: ua-22c03961-f514-3628-ae79-e36580725b6b
.mediago.io/ Name: __mguid_
Value: 4df39c498269a9482f5cvc00losu6mng
.rqtrk.eu/ Name: browser_id
Value: 1:2e08ffd5-b843-4d61-a330-60579670ecf5
.smartadserver.com/ Name: csync
Value: 22:1760102417468539209|31:d895ada4-f3f6-42f9-a3c9-0e0155e2744b|150:0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
m.stripe.com/ Name: m
Value: 95ec7e27-73bc-40ee-adc6-a984ce1dbdbdd48f96
.amazon-adsystem.com/ Name: ad-id
Value: A7V8sR-aPEAwnD93Q3zdnO4
.zemanta.com/ Name: zuid
Value: dBv8kTB4gYsc-6473UTy
.liadm.com/ Name: lidid
Value: ae222ae9-6e01-4618-b11a-8c15aa86f175
.ipredictive.com/ Name: cu
Value: e4a0583d-fb42-4352-b9f6-68e136968548|1699633973059
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-9c32c789-6543-54f2-65be-a04596db0b1b.fFGbGR9yJQuwBSfwQO%2F9M42ghUpT4x%2BRHMsHBXN5UNQ
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-9c32c789-6543-54f2-65be-a04596db0b1b.fFGbGR9yJQuwBSfwQO%2F9M42ghUpT4x%2BRHMsHBXN5UNQ
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AnDLHiWVDVPJlvqBFltsLG7nVm7E.72vj%2FOMzOGQYTuOl5Vq3XmT%2BUv%2FSGDz68AHyzEm7fEg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AnDLHiWVDVPJlvqBFltsLG7nVm7E.72vj%2FOMzOGQYTuOl5Vq3XmT%2BUv%2FSGDz68AHyzEm7fEg
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGQWMG9vh9igtc0FXNiLZ5qFzwf_8d9KdURPydNJl7aSEHwYBCC1trmqBjABOgRzygDyQgTnndGq.72WVE06nQcwTqSZxRLt9Jv1aiN%2B9hP5treeh1Zz%2Fmuk
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGQWMG9vh9igtc0FXNiLZ5qFzwf_8d9KdURPydNJl7aSEHwYBCC1trmqBjABOgRzygDyQgTnndGq.72WVE06nQcwTqSZxRLt9Jv1aiN%2B9hP5treeh1Zz%2Fmuk
.rubiconproject.com/ Name: khaos
Value: LOSU6MXF-1E-6HP3
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qq04auIKPEwDz5APvdogVCbaTd6KyMQnas9gLr7Yht2fXXzsoCKquGkjkRNxsOZmW2jkrb82NJt2q0edBLPeZXVrv77zFnvJyi+xUA9sgf/4bKpUjWTmmg0
.go.sonobi.com/ Name: _usd_ksl.com
Value: 42dcf765-bc4a-4ace-93fe-59fc7399b76a
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uis
Value: 5ad6ee24-7ba4-4966-92df-ba57b2a9696d
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1slymtoZmlpZmxsaW5mZmR4ShzBNzIzNAEAgW_XnyAAAAA
.doubleclick.net/ Name: APC
Value: AfxxVi7qYXiLQuKt1LusIFdATKREFEA6tUl_NMpc2d8mZIHuDC1A9Q
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In?h+6)W!]tbPl1M>e)ZlrFUfJ+tGXxo@_>4D(@6jwbYQq%9CuXkzEqxJe_KBrJ7)2`^3If)y3KL9D3I?-<F/D_Q
.company-target.com/ Name: tuuid
Value: d11ecf12-2628-4170-a9d1-932852cb0ece
.company-target.com/ Name: tuuid_lu
Value: 1699633979|ix:0
.demdex.net/ Name: demdex
Value: 44280759628138578123393041825785430499
.adsby.bidtheatre.com/ Name: __kuid
Value: 6d1d0106-ae9c-47d6-a7fa-bdf5a45a9c2c.468847980
.dpm.demdex.net/ Name: dpm
Value: 44280759628138578123393041825785430499
.prebid.a-mo.net/ Name: __amc
Value: 10_1699633973_1699633981
.go.sonobi.com/ Name: HAPLB8G
Value: s86198|ZU5bQ
.adnxs.com/ Name: icu
Value: ChkI07mIARAKGAcgBygHML22uaoGOAdAB0gHEL22uaoGGAY.

11 Console Messages

Source Level URL
Text
network error URL: https://match.prod.bidr.io/cookie-sync/deseret?buyer_user_id=ksl.hdn6ukvhgwn1&_bee_ppp=1
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security warning URL: https://www.ksl.com/ensighten_news(Line 579)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://www.ksl.com/ensighten_news(Line 579)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://www.ksl.com/ensighten_news(Line 579)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://www.ksl.com/ensighten_news(Line 579)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://messages-microservice.ksl.com/user
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
security warning URL: about:blank#blocked
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1(Line 16)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELxjf505YBXpKM9eEw1C9_A&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000;
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

00bd33c21fd21f2993a60e7dd9823991.safeframe.googlesyndication.com
1x1.a-mo.net
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.turn.com
ad.yieldlab.net
ads.eu.criteo.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ads.yieldmo.com
ap.lijit.com
apex.go.sonobi.com
api.saambaa.com
app.protectsubrev.com
b1sync.zemanta.com
be.durationmedia.net
beacon-ams3.rubiconproject.com
bh.contextweb.com
c.amazon-adsystem.com
c1.adform.net
casale-match.dotomi.com
cat.nl3.eu.criteo.com
cdn-ima.33across.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.mouseflow.com
cdn.siftscience.com
cdnjs.cloudflare.com
ce.lijit.com
click.icptrack.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
cookie-cdn.cookiepro.com
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
csm.eu.criteo.net
d3njgrq4uvb497.cloudfront.net
d85fcaec028ee38c1a528c2f93035bd7.safeframe.googlesyndication.com
data.privacy.ensighten.com
deseret.technoratimedia.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eus.rubiconproject.com
ex.ingage.tech
fastlane.rubiconproject.com
fonts.googleapis.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
hbx.media.net
hexagon-analytics.com
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
imageproxy.eu.criteo.net
imasdk.googleapis.com
img.ksl.com
js-sec.indexww.com
js.stripe.com
ksl-d.openx.net
m.stripe.com
m.stripe.network
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
media.ksl.com
media.twiliocdn.com
messages-microservice.ksl.com
mug.criteo.com
news-api.ksl.com
nexus.ensighten.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pages.protectsubrev.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.rubyblu.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebidads.revcatch.com
public.servenobid.com
q.stripe.com
region1.analytics.google.com
rtb-csync.smartadserver.com
rtb.fr3.eu.criteo.com
rtb.gumgum.com
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s0.2mdn.net
saambaa-static.azureedge.net
saambaa.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.criteo.net
static.ksl.com
static.rubyblu.com
stats.g.doubleclick.net
sync.1rx.io
sync.adkernel.com
sync.go.sonobi.com
sync.ipredictive.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
tag.durationmedia.net
tagan.adlightning.com
targeting.unrulymedia.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
u.ipw.metadsp.co.uk
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
web.hb.ad.cpe.dotomi.com
ws.rqtrk.eu
wt.rqtrk.eu
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.ksl.com
x.bidswitch.net
ads.yieldmo.com
ap.lijit.com
apex.go.sonobi.com
fastlane.rubiconproject.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
prebid.a-mo.net
sync.search.spotxchange.com
targeting.unrulymedia.com
web.hb.ad.cpe.dotomi.com
104.18.29.148
104.18.35.167
104.18.36.155
104.18.38.76
104.22.59.219
108.138.1.25
13.32.27.10
130.211.32.235
141.95.32.69
141.95.32.72
142.250.181.226
147.75.84.158
15.197.193.217
151.101.0.176
161.47.17.28
178.250.1.6
178.250.1.9
18.184.214.206
18.205.170.196
18.245.78.146
18.66.147.119
185.184.8.90
185.64.189.112
185.64.190.78
185.86.138.152
185.86.139.104
193.0.160.131
198.47.127.205
2.19.85.30
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
208.93.169.131
211.120.53.201
216.52.2.30
216.52.2.86
216.58.206.34
23.211.10.95
23.211.9.5
23.211.9.91
23.213.164.226
23.218.210.30
23.56.202.187
2600:1f18:ed:550f:9c1b:36c6:f801:176e
2600:9000:206f:d800:2:8f43:5780:93a1
2600:9000:20ab:7200:6:44e3:f8c0:93a1
2600:9000:223d:5a00:10:ce97:9fc0:93a1
2600:9000:223f:6000:1f:4c18:bd40:93a1
2602:803:c003:200::21
2602:803:c003:200::77
2603:c020:400d:3000:7130:bb0b:d7e:bee2
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:2800:233:f76:14f7:d635:25c4:c8d7
2606:4700:10::ac43:2954
2606:4700:20::681a:de1
2606:4700:20::ac43:4591
2606:4700:4400::6812:2894
2606:4700::6810:5714
2606:4700::6811:180e
2606:4700::6812:1a32
2607:ae80:4::26
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:802::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:828::2006
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:830::2003
2a00:1450:400c:c06::9c
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:d::c
2a02:fa8:8806:16::1370
2a02:fa8:8806:16::1460
2a05:d018:d29:3605:b2f6:43fb:c655:2341
2a06:98c1:3121::3
3.124.119.57
3.229.12.239
3.71.149.231
34.102.232.42
34.96.67.224
34.96.71.22
34.98.64.218
35.157.200.246
35.208.249.213
35.210.239.72
35.230.100.254
37.157.4.29
37.157.5.84
37.252.171.149
44.205.140.116
44.228.215.240
46.228.174.115
46.228.174.117
51.89.9.254
52.210.15.1
52.213.27.93
52.214.229.130
52.31.140.196
52.31.205.224
52.46.143.56
52.5.164.211
54.156.137.107
54.164.94.122
54.187.119.242
54.73.169.212
54.87.70.183
64.147.128.167
64.147.130.148
64.147.131.160
64.147.131.201
64.202.112.95
64.227.64.62
69.166.1.35
69.166.1.8
69.173.144.138
69.173.144.165
77.245.57.72
8.18.47.7
98.98.134.241
006b8f60f30ed5210c6d4cc52dd703f0d62124d5ace9a5a45fede025465a2fbe
00d927f5fec767123ecb52c8fc8866e2e730bef44833d4b7dbdc9972168e0538
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00df4c71abce5525e275be8f94ee32a07ffbeea94226e8096bbb432e3928e8b1
01df456b85acb77a180ad7d890f265ea448289bdae9a4b54c58d919b4d484c2e
02921029146a0eb50a64d96b7e0128e92442ee0c15a3a52bc8d20bf80760d8bc
02eb04d67c2aa1fc80a323c7aa6d9a0ffebaf83c9bb6effeb3b57b9ce2669b7f
03aad58f643224f6ce0d2172cb2ed55ca8129bdab96873e2d4ed033972f0c800
0442b6a649fea4622d37e7a5749aad5b7f4d08a63fc71bed1b7264b6785565ea
04d6cc3e3ee14809562b9047e43fa0ad1abef88384e5e74c7af7a1eade26d983
0526a53ff839da53ef7fd632806ab6129c4b37d2450a5fe78decda76da1db83b
058bfd62e370ac55391bad045c25a24c8ba80412e17e8e39da6e97960ac31494
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
087d847ee64707e372f572145600ecbcb13f2dd2382fd8962326f2fed03dd85d
088dbe5e4bb2f902e2e7c62ca7a15bae5cb55f4708d99f7c4daae7148a19a865
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f437d82fedfc3c3a81cb9aa2da6bbc7030502c870643d6f171003374c6beb2a
11ba48de51ec1617bd546b1f6d45811345473404dc4154afc5205ca90545b111
1207f68398ab257ac681f64168d2b260e2dc06edd29add10159ca861151fcafc
1227da09c3a664c98b43c83bbe1e0499fae7ce9446f7174c066713fcd1bf27ee
133ceaab8eada4b31b23b7c71408d4be47c08987eab9a177848720e3cb6de8ef
13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9
1475ec513f7af5a365888c8dedbca764630c7295a1d818871cf27fbe438f3e86
14a588f8e8f3deb23adc8c768d252cdb70621f4983706bd76f230d8e6e8cb91d
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
15e7189c4a38384e935d2063c00d0a5c39ac818e1b059a681f1bfd837e8132c9
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18bef476ae9d24a4ce040b083f9fedf3b80fba192b5ccb9e61443e443c1d5133
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
190cb63e3f278f729de0d7b46d40a3a5752dc4a25445317a742767de3adce63a
1a6f6e4ac7d155fea1d1ed28140f66501f5e5a6dfdbf7e0709cc1f162afdc89f
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
1c8a02e2521b164293e4b986b3aba024d45f0c5f623c63307948f37c548b7daf
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1de4ed6060f4cfc95630431e5658bb447548569491ce757496491f944694d8b8
1df9aee0014c1553fa6f462aa38714f3f35678bba639483b6141e42e52ec2951
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f9ce9bba1087c7035610f63b9ed2e1308083f7da024eba91fc27e2febae8d2d
1fa746168ff0170b7875ddf50bce27e486e8ce2620c2aef23b250bb147dca5b7
1ffe15f0d46f175442fdfd50730fd2bec535ac1e34f76813291ac0484b310acc
20bfbab5a8b1b288e6dc6800d88c535706b181ad01830c847b306284e03c3769
216efa3c54e84bc3025b3a5cfdaf308f5c2dadf624293c212e3ecdc9b0cd122c
21cd559db3c100842a8ef209f2579e691ee47e2d1469ebeaaaac7cbd439509ab
23e39e203a2f9ea1ae6f0f47ad5a372f602d9a8c615b8d6c5f12fb9b4f037ec9
25e1217aa2f8e9e2e3324b8ef2587aa9752f59a616f2df9b5e8343c4c32ab36d
27623f523168b7b4648e3bebc9ede4c571aa76a596a2c1e54ff74227631a451c
283b284e31974e34ae4ec9bccb973d942fd6dd1e50f4999f40d02a6e6ae14353
29498a65a2e753cbb2a458eb007ea1604501f4fcbc624f348498641ad6688c69
2a91798d2ac49e912aa7c9e7646a165a77b368f7a4d50d81bcc4aa7b0cce8dd9
2af6de0161679525ed17e3cab74b1f2ecbadbf3a3e83706d44549aa377daec16
2b38f2cb553562feaa1db64a4026fbbd8833e0459410392cae926399a75c4d2a
2bd27fb4cdd30b9b0c730e44a8ec482a49dbf95eaa5c3f399c816dfef9990beb
2c4230b372dcf07166678304ea268bb3f40b857b3b0d6fde5bdd069cca3923b4
2d9d4384d3df7f7bc78e6a4ccbc9401d1be1d37bdddec58a7b489bdb44d95145
2e744a66257c7c975261db63da2cc0b344ff2a82621849aea8c8c7019337df51
2ed33f483feeb949462d583e5560ce6871d81a0fee8a7baf7a59ba7fc5390c17
2fe3a8d53ca6467e9eec155a06745c4de7565d2e53b718d180191ceb92e6898c
30b1dd9c4b0f94848b8397ff2100a82510576c70c3db0680a167c4e4f57d541f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329728db5eeef0f2ced36fb7116dda5e6ad94735c5dc7dcfd89a4ae5f6eb3540
33cc0a21c1ca8eab50680298fedb8440589988e511a82348b00290bb111a4c8d
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
3524629d6188e5d9b6609362e17273cd1430da3ca0ffceb81a2337bd574a6e7d
3604b7c2c085e2b36490fd7683eb5ff4cff2f24b16f887b6052214d65c520af5
36c2ce3c5fe8f87612b9a8e16716b42ca98f769ae99c2a8ace1a2a1522049f73
36c6f004fbdebb97d8b4f43a27f3abe87d906a15bb95e5b21be07cea2a006c77
36f0b69fae7f3869798bfca26483b4acbcef6c186c738e7c7069ee193eb63805
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
37d4ded8f64e33ceae037d83ccb9660f094602571b84fa618feaf017af85f038
385d14ea0036c33851999dd46139db5b0f17982cfcefb77f2876c37a64f6a372
39a1e488d6c5550775840cd635255b77a732fc26081d6ca304f9d14053842849
3a3cfc9d3fc56afd18ab946ef72270d0e911db922c88a1733fc6ef8b5233f86d
3cb762491dd535431d82bf4367bcd3675e7e77ff9887754beeb9cd463d7460cd
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d68e16c42b0a651c32705771904b4033f0920b023aaa84c993eb9e9586454ce
3dad89bd01783443195a892365b91096da2f6ebb36b2169ab32af37344c82f1f
3e0a92f4f9ddb4870341490a478a903eff292f2652a6739aba6a20fe0d85943d
3e18c8b1d97b6da1d013835a374ea4c88f5985ea76c176ebe93930dd9246bd21
3e50b53bc2ebce1daa659234636eeb0757bdc9f4968a96aa0654d1ca05c39427
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ffbda7a25b818a4e95e022f616637705bdfe41cc40b5ee8bfc0ca59d3aa55fe
406cb9d8b78a968f2df0ee2709c42c3fe3baf4a0394e9f37c4ca0ad2ef5cb21c
4218d0014ba9f007500a22607c8bca8c90283808add5cdde9f49e66309c0fd64
4243547ff2c879a868e967dd91b7c7b33d799a833e04230ffa7b2a9f287d3153
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660
446b97e70c328363f2cd5fbc1eee6d8307ee92ef0a8e894bbca5409e110095e4
451d789d57891d5f9c36466f747a49be8053afa37bab816bd48ef8d408d71171
45a3af26e772e32e1890d13c9c7056099333d8f6e8831100f8fa8fa484b3f321
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
470510879b39ebfff84ea4b9bb57666e669867ff52db845491fcd0d53865ee8d
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4912e03919f93cc8a89f00168b4160a62dbdcdb1a76b483794d2b90f5493d908
4926c7670bd5a97ba531632202ff2adb8e8c81ae1dc49b35a7699a478c559b77
4963bf873ffec4c0e6262930932055990a587250d00c309e57ef604251fff067
4b35ddfc206dac8aa6c475d087df42b9406ed0981dce37108b308fc9701fecc8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d33b3ee0910bcc43e0a87dd829999c5229cfcc83cdff99f715d510907107963
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
512ccba31211eeb78e9d865f28f3fbfb22db55cdff95e09c34a6b0f5061adf82
5166fe8746f6b483288d71cb0e9ecd28992a671ddfea88cdf1e4406c1304559d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54cddfc45b373881f87b7f0ed6f847514c27b12e7a1692145ddd2a2ebba01efd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566afd5a046a14f791403704e37a87203f6e047e7c501088f3883834eccceb27
57de05264028a31a958c3315bb559a979fced7919c8920a4c36beaa14c5db5a1
580fdc067c366d8425250f099c8c0e849ae9a66cbaa391749c3673b506ccd099
59ff38445b0eadd329b3e7097f2bbf8f0b946312cc396ba22ac0e0cc00741140
5a19c1b06d1725e1663d9ae64707dae0e69a24ce9d0a280d648a92d28c31463c
5a990e03eb35c8aa9b2d99a198696d5c703ecfb56dccab8194bc89f6eb6aa028
5b647edf1597f3427578fc09d41be48660f2388e92022eb0693975efd38acda0
5c2a91d521e3bf89fa58b59e8e636dbd8fb435547c376eb4fd04e583f62d947b
5d048d1ba1fb1f78e38c3e0cc432db86fb8138d98d4b61242b1b7951f62208b1
5dad1c01364bfd5e941690d76f1fa3b214d9b9c1edf61dc23ba68d249e95e788
5e3f8af360a280016951b4c61df6f4e4d947844e2b8047b6dbe3a03e60f95ab5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6330096e6d5a3fc2941a897f2f68f4c03599bf54bd7c1a040adfa9ed681d04c0
63f05313fcf85fc994fc1d68fd89e292a8ca990fab244cfb2812ce28b4f32988
64b9e3a9f047e154055f48aacab1f38219a676816b01e78373150a2fbb5eeb75
6611a010c1c02623f19baee463ab2bd5d3ca94f8a6cd0219b243212fd1751423
66b6068dbe1948f57441d09c9844769b99e7881997b5fe3255e0a694cb89b849
66f38cac3b88e3960e14d0ea8c136ddd9b281efb6413d8023271662dd8dedcab
683e2c114efa94a57f38b85a062310e415e566b7256ecc13587aadb288b06866
6a15af42dcf8e6705a1ecea1dc8a864ce0c050b8c2dc5365d760f6f8b2477825
6a5207020ce54c10c164e38546924f2ba936fc73dfecd215fd2733fdac19e7ed
6a964b3f88212b95bdcb59c34422db328a613bee81daa0ccee0bb518cbf642a8
6aabec3f3072d6aa3d9f0511411fc17fc742d2e0c30579c8dbcd5978eb82a942
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16
6b6bdb341440c662d46a4fe200f47772ede3040d2ce52ecfcab8f017f4fa2738
6bbd05df1a94895f66312b1ef71c4d82510556a6f30c31601bbe7cdb3097441e
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6c7275a67bfaa98f0ab91c8aa5c2a010414475cfeda39da85db6f9da324f0e95
6e4d0e25cfdf421234016ec8daead167b659ab6ba94d3bd603353d4ed568b0a7
6e65aecb8a21b66d9aeeea4d926d72d0f1023ca305327859bb69117e813468fa
6f010b15457b99654d30679e1e94953617f6d3ae563c24e64cf44fa694febccb
6f0425747a339ebb3b79254d022dcc745aacf1b1fdafdceb51758f156e34a5e8
6f3a01e144ec2db45bb24f5ee5e9ed1da37760b01593395c01e4c1e4780b89ae
6f8b446aecdfa4ae0d4dd35da0fa5808c539cc1fad1545368150f75a3b70a02c
7029d848f52bfa1b717070483f5a9446bade819c06378e48eb09652eda2a8bb1
704c56de5940e5f336c443ea05d6520fe7dfbd0f288e2ff1973ff916cbff54dd
7067d2a92ce109d6e46b479b03432b7fdc7894777d0d3eb0057d6535c8b4754c
70f9faa8791e1eca1aca0920a81c75bdef3cd8d90e5c229529622031bb1f16cd
719384b064e91786e19c1faec928e5041cad9a1c62f01cac4b6ace4edd5b8c0a
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72ea9d7aa328355120e12223f236710f9c1ce2d32109e99aab08d6d2a3534f1b
73cf3800e65a9afd21982a424d76a307c5a0a397c863df438d3d6b6c827663ef
73da3b369596f2ea8e701ec80155bf93c638eb66f1de5eac9a88f2eb8e565fd8
74d01e8587e381b55e6f39a50fd9550b8d2418b2e90b82c407fb6ef2be46b251
75b7e88c9e6b18ce5a9fa4af3127d87d8843536f43aadac52db31cc1080baa19
7620097e1d921baa8759da601212b8082289e650eabe1535db783c895835cc49
7815473f068f708bcde391e444f1e2d3f19d1ead1174a2281a8833648356b80d
786fce9d5ecf97fc91a93700cb2f05152a094d85888c6de9586f2d7bd23597c1
79cc89dd1b700ec4f1cb750bc229b43af8654027c204d0fdb19f0e1d575109e0
79ee65f72fa14e1c7341544990b8210570f1dfb3cddb95d4695f2a928508dca0
7a4f6b27d0e9d490d98fd5367f212502d1bee2721748e624e6ad09e6d744f3c4
7ae9c91faf3632411071a3d4b5bf7f98c9200643577e9639bd3808ad425bffcb
7b544412a8a43bc55017f73cc65d9f50bcad137abbada5a182c0b6008df59beb
7be38ea67453b90444c7bf8ce2b7d3ebebb829fbfcb469ab6a59248ad3272f7c
7c40cde8989c6bc96f14889dbe7f8ec1e337a0bf8eda8d84602ff2965e765373
7da0fd34475774aff3277f694f48edb82c033fc87544a20c936335d36f500fe0
7e5732c22bd4d4f04611ace5230fc4409f3c4ce9f73801781da68d680d295eb7
7e900103c3b7dc52478ff2a8b80beface411b2c76e0bf6b37aeae00af72b8a29
7ffe5ef53349cb80c8b76d184c1b9622cdea09c3e84f43293163bf612e449cb0
817bd8ba7797e05751daf4ce88ac96d89a3dbf9d8580e6d745bb1597a003a6f7
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
828acdf12199df0d8c86f7ea1c35fd0ad9a3cd2c15b5d4234bc36acb5bff55bc
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82ebdecb03d2e4a25b910ac00ac28d93382f14f88bff3d0f36b0f9bbdf46fc22
8336063afa451bb87a1caa09f93c34755f7c9ece5c22513eb3cc40094461585b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8360f93cd65cde928c379ce390bcb585347952dbb409925a1675a977737c4d02
8393e8b9e8d3b79f0aeb5007cccb822b0d2bc0b9aa92d2bea522c5f858e8fb7b
839e7c6761776f0e1c251d29d443dd8e29c6d3beefeeb8925c58a74ba784bd30
83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f449d9e5c4ff3c01c47eb2d8cf89232ef09239df157fb77ea94bef14544da3
8585bc1dccfc07ded8089244f8ace10eeac78a61d670e12ff0dc4db8969cafff
890a886cf18eb886ad3785be497a8fa161fdee50828cbc1f4790e6e6cd03086e
893224fd54693b28f808fe5434aeed803b81f08ad3b9b02a190a4518d3b0b6a0
8962cda663958c916414d04ee15873722d4d0604001d8bdf4f4e7460a37dfe73
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
8ba59e4e15e739c6144513b9db3414f3e36185f3ac24120f62171eb3acb30b46
8bde715c88d28cf0fcf7fdd31aedf903acf6acab04cc1602572138cdf93e2765
8c0ff445c8bdce036c164f67136edc2bb08462ffa4186d3c38b7d9e5633ba293
8c2e75fec8a4d2a7d465709889e61cad5e565ae7ae5d8a9550f71b76bfcfab6f
8cd207b3806b3bf877e7addcea7bd599147c16932f897192acd3bb4da01f005d
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8df4e2508308452516a8972eb7d993d970eefeea6705487b0e100c0fa7b4b447
8e0990fe603256382ac73a946f35457323051295c613f73dab9a0046d4b4829a
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
8ebe4963ca08a041fcbb87a4232bf58b1ae55c3b5623a3a2d9d79491bb46c674
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
90767fabd53fe6949c8e19f3ab9d3da69cfc52c7bbfafe42739ed14c2e837920
90a0c786d4f7bea885f3a34d24c062569f989bab4988a5a54614a1a67e4b44f7
90f1ad6425e69110b0e04f84fe9d7a2cbf28ce81436357ac9253b8e091e516ce
912969afdab9515911844e31b7d76ab49a21b27c9f9f01ebb7078145c29bfe51
9140d7a42d04e663344e3e1eb41470a160cfc3fc194023908a3a72275c71dd57
9189b2c779e847ab5747c2a567990838435689f0abe79a0ea79c3690f3e7b062
919c4bf5539c0cf7f9544d20bbacf612cddbb4ce49f88afc3a7bddb23c91c7ae
92872640729ea3279d405957f74bd9b7433c73a04db66f5c7c93ca67358125c8
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93d01f0f0e24b7d9e35675205a906e14b6f55fb50af8661694e568430994c6e2
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9508013aa8cb5143b32e62558f116c06a909d285eace78f4fe2b0a1f3e84fb83
966dd0227f4d7cc7b0ec05dab35e82535e52beef35ab383078a60ec735c287e5
989777634db26e3fbfb3eae03bb7b4bd260e2f47f4fbec21d1396dd21aa72ec4
9903035e5b61b366e5709819a66349add4a4d132af460c00dc37babc30774ebb
9a3c0dea79451f14a44c5a391a08f048af08e1e77d5b9caf1ea343d5d850291d
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9d23145bc23713908375483b6e0414d315cbe2b1cf9e05fc5ce6f7b82a1e1bc8
9dbf76fe871648e04d8a66b1f1a28df4a278b7a619ccd1a8ce2ef6f18aacb631
9fd7336d20d7c9dcde9e7e43d5a653f700ce29ef345f4283bba54a117bc139f9
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126
a0a0cda3caf266fa1240bc753fc52a68c29a1f6b40d19ded793605f1272ace94
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a0ee4665b2195c13c76ba6dadd7bcc280197817dbc5e7a6bd1ad0cf25478349a
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a5b86a09e416e39340678461936df79efa5c34210bc9bde0878e7fad5d31b556
a5d0c42591cd5afcb987fa107534a2352b39aa59349caa9763fb6c1d92e78dff
a63b336b9725ebbd0408cabf21970e035be01938b3f1dd4c8844ee95a375b962
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a80524148ce6b6d34b7cd174760d9e5616ecb56e6fe2ffe90e18ac9fc0a6e87c
a8ed9456b74c249bdb7a50d95659d7f1cfeec6014d19c253680509cba050f599
a98ce90ce7a2551c432b6993e0c61b3b9b1b8863931d567f896a65b7d0087128
a9eb2486888ff6a00ba3d89f51de2f5b4f7d81d4c0f44efef65c9c612f8d6853
aa95d7c4057f2034487f58c9f4c64bc5fe563a488465299220a92da47dcfa709
ac27954be52ff386d5de5c6cbafef7ded65ea9106583a584b308f325c039bbff
ac5d6d95b4c75f048935cc5b94acbf0292e1ae1d8c8ef90b4e0f28079ffad339
ac97a982e21925c7af0cd37611aab80c22ed8f48150325fc17e56a3d9a07e951
aceebf04544d4a4cc8731a96deda17979026abadd7ab81642421791bc72a827e
ad54e385f13d99fe91efd355a8f361d597708094574152daaec737852989aef8
ae1bfab525e8210fa28871a8af708b809943d8d7bb429e99e6d8cc196ad01305
afed9a0ab525a556166288e945e61b4e4adb9de9c074d8185f86b8f5f5fda311
b00e414261ca89afd5617c8fc2e6640b40bfcc69f9b5b71fc7f0b6726e09fa55
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b28b7f59040bee1dc3245583e4b2174ce7e16f8044a8c057e0a6e53a261066b9
b2c9ad85f6e6ac92e9a82aff96ac34fe725a49124f170de25b93ea9fb446d01f
b2f4ecbd97fae46005728ce7e3ff840a68a4aac45253b21e726bfdb310e64bf1
b43044a25942128d019bbf057c94c2eea5cca91db1832028a055373ec22ec4dc
b443c91a895c0be29a92a6e1a024ab643261fe48b45091a5b4153dd17fe54901
b4bf89769e19c2506a8b8ab0661165c2e8b1b4a46411e363ac118653fbe0580c
b6276bdfd4e4844bffab5fc63afcbf296b5ab01ffab5ec61c7c513ba41089d09
b6b34bf63bd954096432fd22370ead614ca2b6dbe9134695bc339f80a67de5bf
b6e0a1caeda1aef500326baa5265be59b721574bd48e0c440b0df1151b9f73a7
b7ab031706e98a1f46e3726fe28921c2269642bbfd8da1d240397d543946d502
ba24eda30cf8adc762f0c2027b5e616f52d83f231c5ddd28f7b6f733d1438fc9
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a
bb3bd313dfdb8ac7deabede8f1fe034c006ec3d7e67eb8017dfcb01b4f7a25c6
bbddcbf460676fae0e87a694e6282f74b19bcecbbbf1a9b655d28ea249e32f07
bc2e4399311edfde354d0e521aa53632a10745e1602c22197ba269fe7825de18
be18ceace877e07a6cc2bd69debee587f90e36f7bda869387fcfc3328ee1a460
be5f8fa04be6b5a425a1b12e67c8348b9506478a962bfd11a37a9fa8e2705a9e
bf1cab3f199709f97990ae519a2f52f44461139795d15ca36378ddae582b4589
bf777059f50499a6f2b0e3cd3fa510f028b95a4070402cd2e0f9732c43aa18cf
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2c25bb39f8efa8b490d7c22d2f4ad85f62b78f0fcc7b0aa74c6771f017a55ab
c3a5e126c9316733a646ea76bda2dd40b7ca42a43a8c1d08d7b9dd9aaec5524f
c46261799db2b9293be2af0302b45e51ab5d1e383d0e7b4994432c8fe0ff3d26
c698b08b0050a8de67a2a2b5e6d9f344a8424dc5c19972a84e99e3bee959e394
c7ea8abd800f2e3cea426e7b22ace1cb598c393b8e9de1e8d71572376803c5f4
caa42ac6fd82f36a473a0550017cb913e7eb2459236f3ded20541e265f60ade1
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc1d7cefd1077f17ad9e854207f2979b451c72af9f12cc83f6d1518b9342c320
ce15cec4407e77c697c29602822983015fa67c4915195f2890fe0518780bf1aa
ce7e8cc0b57736b3f9d10828c5f7c6e2744c8fed759860b1c49fe322dd7de0a7
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
ceea414a8b5645c0c0c943ff4b298f8adfa2fb86b4db26fc398975b40fa9f7ed
cf8266c56e7ec88fa2267d3b3c8bb68a718a4fa09ae6add2ba0c83e0a515d9c5
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d09d0c1e4b5e1d1b1c6c0d6e8b478e84ed5002ef9677c44b20db0c0bf1808ac1
d0cc949db47eadda0e59235f19200cbbabebfa345bb06430bb69f0c159c80421
d169a32f9735778725565b463845e84182ae86df4a264119ebc06e87c5e24582
d16be189421803dd4ac526983fd3f89ad40350c6bfa2afce69a48a5d9670f84a
d18c05b903e42fe072a80fb16a7aae87c94e506237fce86f68ad8241fa70f759
d33f7513fa0e7c91f0612b7ef6e44aadedc1ea2165b737d22c425835ea130b96
d3c4619d1862647fb8da1a6e28b3e3cefda11dd37f39ee69d059b9b398538307
d44c05fa125534732583be51fd282ba81f36415446b59a1c797964dcd7e68bfb
d4e8a4a129dc222b0d21ebb4b79e0cb267e5489d62108c6dccb38d8f31865c1c
d65dc23658e3a9e9e06dc310fff002d405f5d80017d362d44cd96f2bcb6f6cbb
d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c
d80c07bdec49910118c437a0157160bafd217be0d9d36f59f820313739df05b7
d9f2475064273b819775ae3a53920d6b54f1f30ae53433514b4708530213623b
db2ee7a386958f6e858c181063d50b9bd3dfe79f9318bc1550d15482a5e49350
dc22246577cf202a2e00f654e4cf7ddda3532f497a09620d930176c38cf0bc8a
dc2b6002b3518b4b196486f9f3e91e2b27b73df5c54d8418e0d442b6a8196c74
dd0d7b0bd9b543ac1655f000d5db598194d9a6c0c79815600b59ee49a81e8c62
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de8c73a2e86c95d68c01308cb3651428fe2688dbd53cbdc49b3d955e09860300
df63a1696cdcca3ea276a39192c3e03b5b5f6f021e943a0111488fd2750e2302
e031db33bec205e6458ed3b0f46e468f216493f77be9e359715b66df69f422fd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e0c977564dc2dc801eee8d182bb9651219cfe084e01841dfd382feaa5d3b44a1
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e192d9eeabf2bd704b031e2f4f97ba09750b0479987660b0e1cb1dfbd4f9bd85
e30758bc1cb3650da38d2c31914e22afdb87203dc295e4cde6bf8f0c378b5116
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cb5b8b66ce54c2874390cd800bfcb6e3ad2616d07c74a66affba3592f5cfce
e60f1ef90da1acd99cb4b26ae6b1e07225fba3d280b26b1d05021a2cc59f66ef
e8d480780dad17fd64ac42eee77b9a8e485f2d81cc3dc232e2520a0e8058bffb
e991bfd51a024f880faf92b86dae29fb646979ee959d858f7a03785b138b71bd
ea67ee37f911ade94d894ff51dd077a9b489a13266372a0e1a3429b0b54b5a16
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ecb12b46998ce3fbaec5aec913657f56420683573c70a0e370410898e06c4956
ed51c6c44f063fffd3fef1042b859a00d4cbdcee5dbc742c758f7a275ff85f58
ed9fb530b2f43de5cbf2b1065728f2ae6dd2199475599c814316c4ef3c6a0bc2
ee22247eda3ff046c758f64a934a338d779fb732380a04f747ea6815c61f9d7e
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
eeedc1abe03200da1b9ad6c8d55cfc0c7a5f8c47e492d5826f64f3e719eacb76
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f05eea43f37a4cea565f3f22c3a16a0c39ce8673a373ed7d3c14ab469c23a974
f1a15aa346dcdf8ce899143d55b17a8f605f684375d59f82bb70daa4f50d51ee
f38240ab2c85207da531c1f788d9e5a7beb273d11c08d15714c464c407c52bbe
f49b521799308f8cf36318142dbab92925dcae0ca9e2e35050f7d7635ce6c4b0
f58ea96f1c8eaf7bdecc8d49a6e6d078be589c3827f7e165c51c843df2401279
f597d0d96818afb2cab564c377320fb564e551cae28180602c4c698006545ba5
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f8d40b55ee735d25fbdef70d7a3dbaaf1608c27b5a2410697ef01d5122b259eb
f95bc216faa2425bc4fb7eba2596e113df1153ec19b7938b496ea2d1eb73a00b
f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af
f9d9c7a87c8d45bf544e7e77ebd3e5ca06c28c690e4c36bf6def49fa95326941
fb7f6e8e30df0bc5493e7d9020456934ba841d7451270e7c104b8f96a41be493
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fcbdca1adae6ce01084424e06884af87e58f8371b07d52d6f630763cdfa21804
fd0bfa3ff518d55f37d77c6581a7966f21587130c536342fe7cd03f36c028f17
fd4e199844c63a7d1f5495473386caf4436b407f38549f331a1706f7b9f52046
fe1a293cdb4905ed390da36b47fa01878068dc52306b495f97d39c56f00ea2fc
fe3db1ddc535cee795d1065a2d6e8bc1b256e3c2d15577549442545c65f1712c
fe9df01e92d9c0e137f7e221e560e78695bf9232d13aa143e391e2e3c7f09c7f
ff2c7ccae8dcbdf672e97016d32342896f07c1f2625aa1adbefb60c89c5b3bd8