www.deseret.com Open in urlscan Pro
143.204.215.86 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.deseret.com/
Effective URL:
https://www.deseret.com/
Submission: On October 18 via api (October 18th 2022, 7:10:32 pm UTC) from US — Scanned from DE

Summary HTTP 130 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 41 IPs in 5 countries across 23 domains to perform 130 HTTP transactions. The main IP is 143.204.215.86, located in United States and belongs to AMAZON-02, US. The main domain is www.deseret.com. The Cisco Umbrella rank of the primary domain is 104464.
TLS certificate: Issued by Amazon on February 25th 2022. Valid for: a year.

This is the only time www.deseret.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	143.204.215.86 143.204.215.86	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:480... 2a02:26f0:480:f::213:7ec6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
37	143.204.215.15 143.204.215.15	16509 (AMAZON-02) (AMAZON-02)
2	13.32.27.47 13.32.27.47	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
7	65.9.66.17 65.9.66.17	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6811:fc66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a03:2880:f05... 2a03:2880:f050:f:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3	13.35.253.90 13.35.253.90	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1 3	143.204.215.23 143.204.215.23	16509 (AMAZON-02) (AMAZON-02)
1	143.204.94.230 143.204.94.230	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.216.106.35 52.216.106.35	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	141.95.98.70 141.95.98.70	16276 (OVH) (OVH)
1	2001:41d0:701... 2001:41d0:701:1000::31ee	16276 (OVH) (OVH)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
11	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	65.9.61.60 65.9.61.60	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	54.155.18.159 54.155.18.159	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
130	41

3 143.204.215.86 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-86.fra53.r.cloudfront.net

www.deseret.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 143.204.215.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-15.fra53.r.cloudfront.net

deseret.brightspotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-47.fra56.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 65.9.66.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-17.fra56.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:fc66 (United States)

ASN13335 (CLOUDFLARENET, US)

uploads.deseret.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f050:f:face:b00c:0:3 (Hamburg, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.253.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-90.fra6.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.215.23 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-23.fra53.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.94.230 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-230.fra50.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.106.35 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.70 (France)

ASN16276 (OVH, FR)
PTR: ns3216620.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:701:1000::31ee (France)

ASN16276 (OVH, FR)

lbs.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.61.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-60.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	brightspotcdn.com deseret.brightspotcdn.com — Cisco Umbrella Rank: 82985	2 MB
25	googlesyndication.com 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	145 KB
10	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317	225 KB
7	gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com fonts.gstatic.com	173 KB
7	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 1699	182 KB
6	deseret.com 1 redirects www.deseret.com — Cisco Umbrella Rank: 104464 uploads.deseret.com — Cisco Umbrella Rank: 151241	163 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 313 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 534	48 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	199 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 156	776 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	120 KB
3	typekit.net use.typekit.net — Cisco Umbrella Rank: 473 p.typekit.net — Cisco Umbrella Rank: 601	39 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2800 p1.parsely.com — Cisco Umbrella Rank: 2165	22 KB
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1358 lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1440	539 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8724 www.google.de — Cisco Umbrella Rank: 6045	1 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1193 id5-sync.com — Cisco Umbrella Rank: 471	17 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	203 B
2	htlbid.com htlbid.com — Cisco Umbrella Rank: 16016	86 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	19 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	1 KB
1	amazonaws.com ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 19303	448 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	67 KB
130	23

	Domain	Requested by
37	deseret.brightspotcdn.com	www.deseret.com deseret.brightspotcdn.com
11	tpc.googlesyndication.com	tagan.adlightning.com 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
11	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com tagan.adlightning.com www.googletagservices.com
7	tagan.adlightning.com	www.deseret.com tagan.adlightning.com 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
5	securepubads.g.doubleclick.net	htlbid.com tagan.adlightning.com www.googletagservices.com securepubads.g.doubleclick.net 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
4	www.google.com	tagan.adlightning.com 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
4	connect.facebook.net	www.deseret.com connect.facebook.net
3	109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com	securepubads.g.doubleclick.net tagan.adlightning.com
3	sb.scorecardresearch.com	1 redirects www.deseret.com
3	c.amazon-adsystem.com	htlbid.com c.amazon-adsystem.com
3	uploads.deseret.com	www.deseret.com uploads.deseret.com www.googletagmanager.com
3	www.googletagservices.com	www.deseret.com 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
3	www.deseret.com	1 redirects deseret.brightspotcdn.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	googleads.g.doubleclick.net	109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com tagan.adlightning.com
2	encrypted-tbn2.gstatic.com	109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.facebook.com	www.deseret.com
2	htlbid.com	www.deseret.com
2	use.typekit.net	www.deseret.com use.typekit.net
1	fonts.gstatic.com	fonts.googleapis.com
1	s0.2mdn.net	tagan.adlightning.com
1	encrypted-tbn0.gstatic.com	109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
1	encrypted-tbn3.gstatic.com	109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
1	encrypted-tbn1.gstatic.com	109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
1	www.gstatic.com	109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
1	fonts.googleapis.com	109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
1	www.google.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	p1.parsely.com
1	cdn.parsely.com	www.googletagmanager.com
1	id5-sync.com	cdn.id5-sync.com
1	lbs.eu-1-id5-sync.com	cdn.id5-sync.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	adservice.google.com	tagan.adlightning.com
1	adservice.google.de	tagan.adlightning.com
1	ams-pageview-public.s3.amazonaws.com	www.deseret.com
1	cdn.id5-sync.com	tagan.adlightning.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	www.googletagmanager.com	www.deseret.com
1	p.typekit.net	use.typekit.net
130	41

This site contains links to these domains. Also see Links.

Domain
thechurchnews.com
pages.deseret.com
legcy.co
sports.deseret.com
www.utahlegals.com
twitter.com
www.facebook.com
deseretmanagement.wd1.myworkdayjobs.com
apps.apple.com
play.google.com
run.deseret.com
www.adlightning.com

Subject Issuer	Validity	Valid
origin.deseret.production.chorus.brightspot.cloud Amazon	`2022-02-25` - `2023-03-26`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
htlbid.com Amazon	`2021-11-21` - `2022-12-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.adlightning.com Amazon	`2022-06-09` - `2023-07-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-28` - `2022-10-26`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.deseret.com/
Frame ID: C1C1E745194BC156A99AE469E14DC32D
Requests: 92 HTTP requests in this frame

Frame: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 06BB9116B8C6F643103BA62FC0DE806D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 33A102BD537705F94D52108D678847F1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 47D3AE6940ED69C05D937463504B7CD1
Requests: 2 HTTP requests in this frame

Frame: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B10CAF1BDE2BCF65DCB632281537A21D
Requests: 20 HTTP requests in this frame

Frame: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8C4B2FBB59DE06F4CC4A8F5C083D7B10
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhjO-MDVATAB&v=APEucNWhVBj7jeqVwxmhxZNT3Rf-QRrwwQG0IGfPiKLJOexywSbkIholJ9yaVbCvIQBuFCmJ8s-PfYeG0upIOEQGhhgKHZZjEw
Frame ID: A7D0F97C15776F21B2753F56796F7E7E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8EC466170F140164FE56F466BF17E618
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js
Frame ID: 0DD8C086EFC3C1A109AC9D1D4F2C21DA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Deseret NewsclockCST_

Page URL History Show full URLs

http://www.deseret.com/ HTTP 301
https://www.deseret.com/ Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

130
Requests

99 %
HTTPS

68 %
IPv6

23
Domains

41
Subdomains

41
IPs

5
Countries

3201 kB
Transfer

6479 kB
Size

9
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://thechurchnews.com/
Title: Church News

Search URL Search Domain Scan URL

URL: https://pages.deseret.com/subscribe?utm_source=supernav&utm_medium=site&utm_campaign=deseretnews
Title: Print Subscriptions

Search URL Search Domain Scan URL

URL: https://legcy.co/3qHd6DJ
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://sports.deseret.com/high-school
Title: High School

Search URL Search Domain Scan URL

URL: https://pages.deseret.com/podcasts
Title: PODCASTS

Search URL Search Domain Scan URL

URL: https://legcy.co/3oAN9Uz
Title: OBITUARIES

Search URL Search Domain Scan URL

URL: https://pages.deseret.com/newsletters?_ga=2.28103804.1972234842.1645745152-293699453.1644603312
Title: NEWSLETTERS

Search URL Search Domain Scan URL

URL: https://www.utahlegals.com/
Title: LEGAL NOTICES

Search URL Search Domain Scan URL

URL: https://twitter.com/deseret
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/deseretnews
Title: Facebook

Search URL Search Domain Scan URL

URL: https://pages.deseret.com/newsletters
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://deseretmanagement.wd1.myworkdayjobs.com/DeseretNews
Title: Careers

Search URL Search Domain Scan URL

URL: https://pages.deseret.com/subscribe?utm_source=sitefooter&utm_medium=site&utm_campaign=deseretnews
Title: Print Subscription

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/deseret-news/id425758986
Title: iOS App

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.deseretnews.android&hl=en_US
Title: Android App

Search URL Search Domain Scan URL

URL: https://run.deseret.com/
Title: Deseret News Marathon

Search URL Search Domain Scan URL

URL: https://twitter.com/Deseret
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/deseretnews/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.adlightning.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.deseret.com/ HTTP 301
https://www.deseret.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://sb.scorecardresearch.com/c2/16033947/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

130 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.deseret.com/
Redirect Chain

http://www.deseret.com/
https://www.deseret.com/

337 KB
43 KB

52ms
17ms

Document
text/html

143.204.215.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.deseret.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-86.fra53.r.cloudfront.net

Software

istio-envoy / Brightspot

Resource Hash

b4ea7efa0e6a4614c57741f207f8a1b70aa914db2308cc670c627b309fd6f66d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 180
content-encoding: gzip
content-length: 43406
content-type: text/html;charset=UTF-8
date: Tue, 18 Oct 2022 19:07:23 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
via: 1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront)
x-amz-cf-id: hUFbrnFEQmxLNv7m9JS08wJjD9NBtYtZz06l6qx3uCN73zFI8PDNmA==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-envoy-decorator-operation: brightspot-cms-verify.deseret.svc.cluster.local:80/*
x-envoy-upstream-service-time: 390
x-powered-by: Brightspot

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Tue, 18 Oct 2022 19:10:23 GMT
Location: https://www.deseret.com/
Server: CloudFront
Via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
X-Amz-Cf-Id: VOpkE295M882mDBOoVWo-xbFuCm6fj_O0aQSPhUBSrjyIUWmeaW5rg==
X-Amz-Cf-Pop: FRA53-C1
X-Cache: Redirect from cloudfront

GET
H2 200 qzq4qkv.css
use.typekit.net/ 5 KB
1 KB 75ms
8ms Stylesheet
text/css 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/qzq4qkv.css

Requested by

Host: www.deseret.com
URL: https://www.deseret.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

a1b4c733d93929cbd2a66b012265928653e4c75a9abaf06bfec93c85dfeb83a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Tue, 18 Oct 2022 19:10:23 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 890

GET
H2 200 All.min.67d41279f60c361fcf059dbcbd6ae58a.gz.css
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/ 326 KB
43 KB 162ms
18ms Stylesheet
text/css 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.67d41279f60c361fcf059dbcbd6ae58a.gz.css?v=1212
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05c1c8df64358f81c20540cad1eb3f419a3e109ba40adc8a8cde75e6e8af32d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 17:27:02 GMT
content-encoding: gzip
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified: Tue, 04 Oct 2022 17:26:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1215802
etag: "c31922df93dd6b884ef7d5f7b855a768"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 43979
x-amz-cf-id: L0Lz4imrI4QOsnY6Mx8i42Nua0jg-v_OtDWkE88_Rk9K0CVNpMm60A==

GET
H2 200 webcomponents-loader.2938a610ca02c611209b1a5ba2884385.gz.js Show response
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/webcomponents-loader/ 2 KB
1 KB 152ms
8ms Script
text/javascript 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/webcomponents-loader/webcomponents-loader.2938a610ca02c611209b1a5ba2884385.gz.js
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e524d44843e7d1c9ec644402f6d3c2b74655676f373b5c1338807c11afc2325e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:29:21 GMT
content-encoding: gzip
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified: Thu, 17 Feb 2022 23:47:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1410063
etag: "15a442be7d06ec40170c3c91ac824065"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 999
x-amz-cf-id: jnxQg926GSYsQWiTGVXLEQm5TNG0gYX66MhHFPBfriopdI0xlOp85A==

GET
H2 200 All.min.68fd1e62d97587131dc370c9fa7f1f9e.gz.js Show response
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/ 212 KB
61 KB 32ms
28ms Script
text/javascript 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.68fd1e62d97587131dc370c9fa7f1f9e.gz.js
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0979ac9e43fdef095ab1f367fc9df0b5acfdd2792a3999de7dace65991f2202e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 17:27:03 GMT
content-encoding: gzip
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified: Tue, 04 Oct 2022 17:26:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1215802
etag: "9780517900af767303aa98aee7565ab0"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 61796
x-amz-cf-id: 6wX1SlbZlBSutZ27I1ula5ZGMCmbL9r9nCcHwDtouRim4vTPPfqS5A==

GET
H2 200 htlbid.css
htlbid.com/v3/deseret.com/ 4 KB
932 B 98ms
21ms Stylesheet
text/css 13.32.27.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/deseret.com/htlbid.css
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-47.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 46b48eb8786ffe5ca70dd032063c21f0a33992166035a3f3c5173fad5968a073

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:07:43 GMT
content-encoding: gzip
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2022 11:20:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 161
etag: W/"de0e57d689165e974f87642b4030b4df"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=600
x-amz-cf-id: 75NyFU_A7LNErgXBgPU75qm4JjowamuABfwMsK97SqGxVBkCteqMeA==

GET
H2 200 htlbid.js Show response
htlbid.com/v3/deseret.com/ 354 KB
85 KB 89ms
12ms Script
application/javascript 13.32.27.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/deseret.com/htlbid.js
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-47.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 120115620c9096aa98d241b6291361e222c40b94c48dbb4ca351e9dc93542b3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:07:43 GMT
content-encoding: br
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2022 11:19:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 161
etag: W/"2800d085a09cdc85193dddbf1e41c1ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: O-RfUCAA1HB05UVugztG9v0Mn4gB9NcHQUMOr2CE0pfgOL-qTiUdhQ==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
28 KB 100ms
32ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.deseret.com
URL: https://www.deseret.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786f4aba7b5cf8414efaad94e55aad72383092d11d521079fec2f867a07ecbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:10:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27592
x-xss-protection: 0
server: sffe
etag: "1368 / 316 of 1000 / last-modified: 1666105062"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 18 Oct 2022 19:10:24 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/deseretdigital/ 54 KB
23 KB 78ms
10ms Script
application/javascript 65.9.66.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/deseretdigital/op.js
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d0de57420f31e678e098c665477c3db1a55635f6f6f5d064ff6fc2a39b0a85b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: X5OMUS.70oBIyDZfOfHdBPCIwaIBn4Ye
content-encoding: gzip
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
date: Tue, 18 Oct 2022 18:48:21 GMT
x-amz-cf-pop: FRA56-C1
age: 1784
x-cache: Hit from cloudfront
content-length: 23166
x-amz-meta-git_commit: 7467d3d
last-modified: Fri, 14 Oct 2022 15:55:09 GMT
server: AmazonS3
etag: "cb9dedacadc8b5b11d834b8d3bf50384"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: _MJxuQBfcoljhj6vb9YnmUE3TVeVjliLWQQzdLu6ePM9nekHOHd1oQ==

GET
H2 200 deseret-scripts.bsp.min.js Show response
uploads.deseret.com/scripts/ 78 KB
28 KB 168ms
52ms Script
application/javascript 2606:4700::6811:fc66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads.deseret.com/scripts/deseret-scripts.bsp.min.js
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:fc66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb2246037b7c84a2096f617ae008b038013355145fe825a5edb76706d65bee82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:10:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 13 Oct 2022 01:59:22 GMT
server: cloudflare
x-amz-request-id: C4FCPFFFHNP2TQH6
age: 468
etag: W/"05b7991e9f357c0f4b328c66edf2d937"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 75c392e8fa799966-FRA
x-amz-id-2: uYrvK6zJimkyMHS1h8b91ftNSeF+/FlIVnV1wuQBNIiNZGumWDtJY/Syd0Esq7f7A8O5LAajD6Q=
expires: Tue, 18 Oct 2022 23:10:24 GMT

GET
H2 200 Benton_Sans_Regular.a86565d35df3a9fb1e50b963cbf97a13.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 75 KB
75 KB 157ms
14ms Font
application/octet-stream 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Regular.a86565d35df3a9fb1e50b963cbf97a13.woff2
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66f0dc601980210348b662950393979dddd60cd7d71deec55d52d33dba6480bd

Request headers

Referer: https://www.deseret.com/
Origin: https://www.deseret.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 00:17:22 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1277581
x-cache: Hit from cloudfront
content-length: 76568
last-modified: Thu, 17 Feb 2022 23:47:56 GMT
server: AmazonS3
etag: "f6743a187328e0bf82aeda554e81482c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.deseret.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: uqF6d3Nd3ZHaGLSwVh1ek41fVRrobBFs2V1phdNrO_Zoc7tHfVb_3A==

GET
H2 200 Benton_Sans_Bold.8cb714e2e55e898768c36431818db72f.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 73 KB
73 KB 156ms
13ms Font
application/octet-stream 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Bold.8cb714e2e55e898768c36431818db72f.woff2
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2a94eb1d42e17433281e0b974340f4d2efc5ef5033d0d4af074a96012c6ba1d

Request headers

Referer: https://www.deseret.com/
Origin: https://www.deseret.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 23:45:18 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3093906
x-cache: Hit from cloudfront
content-length: 74663
last-modified: Thu, 17 Feb 2022 23:47:56 GMT
server: AmazonS3
etag: "d6b2f91fd8fea5cf04d2cffb91358fa7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.deseret.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: pqzTChe8WlNOH5hwo0dXhvC6S2xSt7J5dQohKhKJMHfTZVehP5zt6Q==

GET
H2 200 Benton_Sans_Condensed_Medium.bb363d55467296410f913b84056528f9.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 80 KB
81 KB 156ms
13ms Font
application/octet-stream 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Condensed_Medium.bb363d55467296410f913b84056528f9.woff2
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7be8d23faf8e20f95b11c1a6b936f8e7fab5edfe166294fa5cbddd5f4aee8dbc

Request headers

Referer: https://www.deseret.com/
Origin: https://www.deseret.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 00:17:22 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1277581
x-cache: Hit from cloudfront
content-length: 82104
last-modified: Thu, 17 Feb 2022 23:47:57 GMT
server: AmazonS3
etag: "d0db157337143c199a26534b83cf3209"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.deseret.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: ZeaWrCD7B0p96tBZjAQwWvbWLr0CZO8yEQoXIy_al9kIEDZcgT6TYA==

GET
H2 200 Poynter_Oldstyle_Display_Bold.26cefedcab11054b85987ff2f992a2c5.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 46 KB
47 KB 155ms
12ms Font
application/octet-stream 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Display_Bold.26cefedcab11054b85987ff2f992a2c5.woff2
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a95d7230e92fa3f5e49d0a98b70db47eca288aa80c32e7aa463fbf0887ed6648

Request headers

Referer: https://www.deseret.com/
Origin: https://www.deseret.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:04:10 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1271174
x-cache: Hit from cloudfront
content-length: 47611
last-modified: Thu, 17 Feb 2022 23:47:57 GMT
server: AmazonS3
etag: "4d9e86bc030f11c019ff00eb6acd78f4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.deseret.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: NQBJYwBABg2TAHZyr8_2h_fjQkVI00-luL5rLsgexCmcGCtCFew4Xw==

GET
H2 200 Poynter_Oldstyle_Text_Italic.9f7066049b8a07ca0e905ba46c8645f4.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 59 KB
60 KB 156ms
13ms Font
application/octet-stream 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Italic.9f7066049b8a07ca0e905ba46c8645f4.woff2
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d2dcf4e292cf679e2c8530bc37a6f23979b184ba573845ddbb1e9d595a554227

Request headers

Referer: https://www.deseret.com/
Origin: https://www.deseret.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 22:55:58 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1282466
x-cache: Hit from cloudfront
content-length: 60787
last-modified: Thu, 17 Feb 2022 23:47:57 GMT
server: AmazonS3
etag: "752938771efdce1e27b5387be02c2bcc"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.deseret.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: z9IdFnwAIwKlGXyg52zPxI0Gyw-qMiDPIRnMQo9WfTewL3yHRJliAQ==

GET
H2 200 Poynter_Oldstyle_Text_Roman.7d4d83ea55695b66b9beb992fadfb14b.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 60 KB
60 KB 156ms
14ms Font
application/octet-stream 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Roman.7d4d83ea55695b66b9beb992fadfb14b.woff2
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a09d02e6d88797dbde0e92bbca6e534dbe41f4add18f56f2e10ab3ae98dca0a6

Request headers

Referer: https://www.deseret.com/
Origin: https://www.deseret.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 00:17:22 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1277581
x-cache: Hit from cloudfront
content-length: 61012
last-modified: Thu, 17 Feb 2022 23:47:58 GMT
server: AmazonS3
etag: "1dc88c1f4c13b4a7444f0c52628d8cf2"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.deseret.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: Zfhv5CFRckbkTooqKjmC0KWkTq326wP0NPwYGXz8C8nBsEc7uFG6dA==

GET
H2 200 Poynter_Oldstyle_Text_Bold.401d3b047965b9833f0ef9a4299972b2.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 60 KB
60 KB 190ms
47ms Font
application/octet-stream 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Bold.401d3b047965b9833f0ef9a4299972b2.woff2
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f7845baf48f3b8c34aad7cdfabdbde46cdefcd61f5843bb8e485ecd17b35381

Request headers

Referer: https://www.deseret.com/
Origin: https://www.deseret.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 02:13:56 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1961788
x-cache: Hit from cloudfront
content-length: 61221
last-modified: Thu, 17 Feb 2022 23:47:58 GMT
server: AmazonS3
etag: "878d3707418d2a777352b5a61447448e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.deseret.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: on1pJDIgkyBqvHlPHcRNf_Kp1xfU28TTzInMY98bH8kr4aXnKmEkXg==

GET
H2 200 Benton_Sans_Regular.409a2ac6bc1aa08eb312bd751e5b8f40.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 101 KB
101 KB 156ms
14ms Font
application/x-font-woff 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Regular.409a2ac6bc1aa08eb312bd751e5b8f40.woff
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bcc5776e9fae4fdacc876c8fec1a448df437dbcb9c79920384bd88d8cebb3869

Request headers

Referer: https://www.deseret.com/
Origin: https://www.deseret.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 00:58:14 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1275130
x-cache: Hit from cloudfront
content-length: 103205
last-modified: Wed, 25 May 2022 18:26:51 GMT
server: AmazonS3
etag: "dc0e0fc6f3d76709193bbed5251160f8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-font-woff
access-control-allow-origin: https://www.deseret.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: 1aY8Ryd_alynzXk9zH8ORItk60RboYtiwuCdP5xzXAll2lmG8gva0Q==

GET
H2 200 Benton_Sans_Bold.d49a5ce3e771acb6ef7780dfb8628852.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 98 KB
99 KB 188ms
46ms Font
application/x-font-woff 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Bold.d49a5ce3e771acb6ef7780dfb8628852.woff
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69ad3aa28d82aca629d5970eb80b68d85111d458e08fe3eae014ed8cc509637a

Request headers

Referer: https://www.deseret.com/
Origin: https://www.deseret.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 22:55:58 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1282466
x-cache: Hit from cloudfront
content-length: 100842
last-modified: Wed, 25 May 2022 18:26:52 GMT
server: AmazonS3
etag: "f877dc687a87566a2fb8dae0a4990b93"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-font-woff
access-control-allow-origin: https://www.deseret.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: j5V3cml3_En9dN0SQlfYcZiDjd6GhhWms56JlewO1rZQpgS_Ghe4Xw==

GET
H2 200 Benton_Sans_Condensed_Medium.93a6c93a1977e45c6c8110ece8b4b5d0.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 109 KB
109 KB 198ms
57ms Font
application/x-font-woff 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Condensed_Medium.93a6c93a1977e45c6c8110ece8b4b5d0.woff
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eabb880277c8644d8b8d3134cc8649109692ee1d1d4ca460374dd7cd97c9271b

Request headers

Referer: https://www.deseret.com/
Origin: https://www.deseret.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:04:10 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1271174
x-cache: Hit from cloudfront
content-length: 111108
last-modified: Wed, 25 May 2022 18:26:52 GMT
server: AmazonS3
etag: "20ed51646fe20feb81c38d16459545c7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-font-woff
access-control-allow-origin: https://www.deseret.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: rsI0-Ym1WWeMkNigRm1MnFF2ld3l3c6aOCBLfI1ErK9qDjbHYTC-vQ==

GET
H2 200 Poynter_Oldstyle_Display_Bold.3ae2bb4526d6e998f6f95c1227253d91.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 62 KB
62 KB 187ms
46ms Font
application/x-font-woff 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Display_Bold.3ae2bb4526d6e998f6f95c1227253d91.woff
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3e1d573601ec8fc04b7410e8593284ffce7fbcc2148ce3070349b6218a40d1f

Request headers

Referer: https://www.deseret.com/
Origin: https://www.deseret.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:04:10 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1271174
x-cache: Hit from cloudfront
content-length: 63207
last-modified: Wed, 25 May 2022 18:26:53 GMT
server: AmazonS3
etag: "1a399b504bfc628afade8572bcac1b9f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-font-woff
access-control-allow-origin: https://www.deseret.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: 1oWwWckSthE9Ao-Z2lvAXEKcX4E0LPOHuC_ovmPkSvQd4Re5DvSG3w==

GET
H2 200 Poynter_Oldstyle_Text_Italic.1852359a620808c5c15d4adc10b281d9.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 75 KB
76 KB 155ms
14ms Font
application/x-font-woff 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Italic.1852359a620808c5c15d4adc10b281d9.woff
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a6d8efcec4beb19fdcb6e14e5ae504451a3d846afe70c26c79825c9b9121a9be

Request headers

Referer: https://www.deseret.com/
Origin: https://www.deseret.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 00:17:22 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1277581
x-cache: Hit from cloudfront
content-length: 76745
last-modified: Wed, 25 May 2022 18:26:53 GMT
server: AmazonS3
etag: "002ec9b19e3a826a9001a395312bacc2"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-font-woff
access-control-allow-origin: https://www.deseret.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: JrVMZEQbvpCvBuI8fpjCO0h6dEV-8AtjGw9prZRTAMjo3ibS12IajA==

GET
H2 200 Poynter_Oldstyle_Text_Roman.a3e2828fcd9d3b031c3d3e07aea3d55e.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 74 KB
75 KB 188ms
47ms Font
application/x-font-woff 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Roman.a3e2828fcd9d3b031c3d3e07aea3d55e.woff
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 96f1bf7e1c0ac4c3310832746a1a8887970155a1de90935c488b05a0c2c73c1e

Request headers

Referer: https://www.deseret.com/
Origin: https://www.deseret.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 11:54:52 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 198932
x-cache: Hit from cloudfront
content-length: 76278
last-modified: Wed, 25 May 2022 18:26:53 GMT
server: AmazonS3
etag: "544e553d046beae465d90cbede131aa7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-font-woff
access-control-allow-origin: https://www.deseret.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: 2pPheoQGDdYyGW4uwXAUnqGg0rFQu6RIT7jqTHWV5DfOlCp4fIVKVw==

GET
H2 200 Poynter_Oldstyle_Text_Bold.5151938f16d42d400f1b1b6cf8ce28b0.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 75 KB
76 KB 187ms
47ms Font
application/x-font-woff 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Bold.5151938f16d42d400f1b1b6cf8ce28b0.woff
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb6d8677f4fe82deb229a4a4123c46c3378a92cf5e17f4844dcf430dd1ff6b45

Request headers

Referer: https://www.deseret.com/
Origin: https://www.deseret.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 00:58:14 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1275130
x-cache: Hit from cloudfront
content-length: 77143
last-modified: Wed, 25 May 2022 18:26:54 GMT
server: AmazonS3
etag: "eb6b6b4a47bbbb92360446b2b945de30"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-font-woff
access-control-allow-origin: https://www.deseret.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: yveF0C8RT2vb26dijgCpst6QGbR4fQGqkej7079TgSODRN2hk47_6A==

GET
H2 200 /
deseret.brightspotcdn.com/dims4/default/b1ac8c8/2147483647/strip/true/crop/2578x293+0+0/resize/600x68!/quality/90/ 12 KB
12 KB 37ms
34ms Image
image/png 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deseret.brightspotcdn.com/dims4/default/b1ac8c8/2147483647/strip/true/crop/2578x293+0+0/resize/600x68!/quality/90/?url=https%3A%2F%2Fchorus-production-deseret.s3.amazonaws.com%2Fbrightspot%2Ffe%2Fc2%2Fd2c642da48e5b42fdbb399f1da6f%2Fdeseretnews-logo-yellow-period.png
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 272c2da0b209e207dd15ce0b6d0d76354903205320cbdab33801f57ee66df91b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 01:36:05 GMT
x-envoy-decorator-operation: brightspot-dims-verify.deseret.svc.cluster.local:80/*
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA53-C1
age: 3951259
etag: 39e982d002597c846fda60314897edd4
x-cache: Hit from cloudfront
content-type: image/png
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-envoy-upstream-service-time: 162
content-length: 11785
x-amz-cf-id: aHTKyi69qY5WgF8YlAROskwVYXA9JVyhdDpNihOtlgK4ltAzuBGQDg==
expires: Sun, 03 Sep 2023 01:36:05 GMT

GET
H2 200 deseret-all-white.svg
deseret.brightspotcdn.com/f5/3a/e18fad7149db9774e45b66febd3e/ 6 KB
6 KB 30ms
27ms Image
image/svg+xml 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deseret.brightspotcdn.com/f5/3a/e18fad7149db9774e45b66febd3e/deseret-all-white.svg
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb0937c8795554e0837a02e3c17fc431c8665d70b631fd4bc285e8c10e5e22a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 15:11:58 GMT
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Feb 2022 17:21:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 9863907
etag: "1e425a1d2e93778d611f9b7683f6837e"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 6126
x-amz-cf-id: ahbKQVtCGUCDpmXHO_WJwKz_IPIeeXkDgwEwfXaoNxFnLjBrgIMF2Q==

GET
H2 200 bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js Show response
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/_resource/analytics/ 9 KB
3 KB 31ms
27ms Script
text/javascript 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 00:36:27 GMT
content-encoding: gzip
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified: Thu, 17 Feb 2022 23:47:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 10866838
etag: "c066757a8992615b576ac565d39d182d"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3003
x-amz-cf-id: ZXHuQspb7xsvhvV67mP709HxLuZ-4udS0XsW-bVLmrzXcYNviBKbxw==

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 76ms
9ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=qzq4qkv&ht=tk&f=30813.30814.30816.30818.30834.31040.31047&a=12600432&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:10:23 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 98ms
31ms Script
application/x-javascript 2a03:2880:f050:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.deseret.com
URL: https://www.deseret.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f050:f:face:b00c:0:3 Hamburg, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

130b6040df08a909b7b195a425dc9aa25d35ce960496a565c463de9bac32f547

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 19:10:24 GMT
content-md5: sa4PhZG5PETVuKs6MDOrHQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: hdWzpfcA90ERi/eMiT8Fi2NovkldPeQ0+4wuScNI2fRf2/hGltkyEtFro+3kVNDhNfi0VVfqYoseQ4VEfeoDnA==
x-fb-trip-id: 1679558926
x-fb-content-md5: 43c52cc047b63675f19820ab7d8e9e5d
cross-origin-opener-policy: same-origin-allow-popups
etag: "5fde8bb10957352545366601bdec510f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Tue, 18 Oct 2022 19:13:58 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
28 KB 182ms
66ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: htlbid.com
URL: https://htlbid.com/v3/deseret.com/htlbid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78738e72304932ad9078a67a2c418eb850ec8d50f07fb1b95b7045be24b6a845

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:10:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27590
x-xss-protection: 0
server: sffe
etag: "1368 / 273 of 1000 / last-modified: 1666105024"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 18 Oct 2022 19:10:24 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 176 KB
44 KB 82ms
15ms Script
application/javascript 13.35.253.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/deseret.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-90.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d5aeb863142a8ddac2ae6d950ad4995d72ecb88e8657e7d9c505459dc930ba7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:50:40 GMT
content-encoding: gzip
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront), 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
last-modified: Thu, 06 Oct 2022 22:15:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1, FRA6-C1
age: 1185
x-amz-server-side-encryption: AES256
etag: W/"13600701857be6a3c4cd98a7b8e7133a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: rCHEQfEXIJg4uIkTsRg5_3g6q_kZ-B_eOz8fiKpYQictde0mXpkM5A==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 194 KB
67 KB 79ms
28ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W9QHGH

Requested by

Host: www.deseret.com
URL: https://www.deseret.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18219135cda2251da914bbcac6c3b938506170cb1c8c80b6cca0341721b3d28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:10:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67634
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 18 Oct 2022 19:10:24 GMT

GET
H2 200 228f7278b56ec5f4c512.8764e4dc5bb5d6dc0a7723926dadba3f.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/ 41 KB
42 KB 26ms
26ms Font
application/octet-stream 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/228f7278b56ec5f4c512.8764e4dc5bb5d6dc0a7723926dadba3f.woff2
Requested by: Host: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.67d41279f60c361fcf059dbcbd6ae58a.gz.css?v=1212
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c98415225e2d798f63c5cf293cecc7e25003e2bfdd5c36a15131e481377d3a5

Request headers

Referer: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.67d41279f60c361fcf059dbcbd6ae58a.gz.css?v=1212
Origin: https://www.deseret.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 23:04:18 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1454767
x-cache: Hit from cloudfront
content-length: 42200
last-modified: Thu, 17 Feb 2022 23:47:51 GMT
server: AmazonS3
etag: "9bbb521bbc889f7adbd15c91e025b3e9"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.deseret.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: cDdy_htpbZR32cQBNJCTfFZpsPILOBRXqGueGFp6L2vw0t4gUObwkw==

GET
H2 200 /
deseret.brightspotcdn.com/dims4/default/e2eaebf/2147483647/strip/true/crop/6000x1021+0+0/resize/3000x511!/quality/90/ 55 KB
56 KB 19ms
17ms Image
image/jpeg 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deseret.brightspotcdn.com/dims4/default/e2eaebf/2147483647/strip/true/crop/6000x1021+0+0/resize/3000x511!/quality/90/?url=https%3A%2F%2Fchorus-production-deseret.s3.amazonaws.com%2Fbrightspot%2F9c%2F9b%2F232bea874488903a43b13d6ed0c8%2Fnameplate-10-18-22-01.jpg
Requested by: Host: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.67d41279f60c361fcf059dbcbd6ae58a.gz.css?v=1212
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: istio-envoy /
Resource Hash: ef6b40e219061cb4aa32dd17bd8a6c577c61f6da2700585d49b7c0034526ea90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.67d41279f60c361fcf059dbcbd6ae58a.gz.css?v=1212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:34:45 GMT
x-envoy-decorator-operation: brightspot-dims-verify.deseret.svc.cluster.local:80/*
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA53-C1
age: 56139
etag: c4765a6a3bfbbd2151ab867026455a9c
x-cache: Hit from cloudfront
content-type: image/jpeg
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-envoy-upstream-service-time: 209
content-length: 56627
x-amz-cf-id: T25DXa6npd_mN80-Q2nNBrhW4EAi6VdEpH05grMi4vKHl8qTOiz56g==
expires: Wed, 18 Oct 2023 03:34:45 GMT

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da93a0e7099150f0d5f627266768b0c8b9979e567ddfb577d1785595aebe99b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99eae70473ab18cc09d6bf979d967fd959f45f36e40447f22f603232e5a073e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e1526da8f25d1beb20238eb04e99aaf13e4a77c2b534d246229fb7eceadaeda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13cf20ab39f2ee3b1029137d2f0bc18158f3414cc77af987c091aa6b2438b769

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 87 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d37a519f3a04fe4c01c920f2ba0cf85283ebd419b5d101a606c5ee2b33f19b35

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 _track Show response
www.deseret.com/ 0
337 B 314ms
299ms XHR
text/plain 143.204.215.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.deseret.com/_track

Requested by

Host: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-86.fra53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: https://www.deseret.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 18 Oct 2022 19:10:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-envoy-decorator-operation: brightspot-cms-verify.deseret.svc.cluster.local:80/*
via: 1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 1
x-amz-cf-id: PuTjyJVSVAZFgPsDKo3kYMnsMeFafSnyarLu3JlLAAC-kkKkvuBRRw==

GET
DATA 200
OK truncated
/ 407 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e70ac0a9a238942d8a56dff8d09641460befff48e22876f5ce9023b3409fd331

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 l
use.typekit.net/af/49ef66/00000000000000003b9b2cfc/27/ 37 KB
37 KB 48ms
8ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/49ef66/00000000000000003b9b2cfc/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 351ba2ac20d28ffadb1115a6dd19d3a789cbd9d30d88630ca6d0a9a7fa6122d9

Request headers

Referer: https://use.typekit.net/qzq4qkv.css
Origin: https://www.deseret.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:10:24 GMT
server: nginx
etag: "cea691f813baff9c459e093daf1ff69d154fedc0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 37980

GET
H2 200 56873dddf01c173e6d7c.86be8971ac1519f2cfdf90b1b087eeaa.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/ 26 KB
26 KB 18ms
8ms Font
application/octet-stream 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/56873dddf01c173e6d7c.86be8971ac1519f2cfdf90b1b087eeaa.woff2
Requested by: Host: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.67d41279f60c361fcf059dbcbd6ae58a.gz.css?v=1212
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aeac3df5ca446725ac4a984ed4b6172c3b3b1cec23d70cc45ec546863f792264

Request headers

Referer: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.67d41279f60c361fcf059dbcbd6ae58a.gz.css?v=1212
Origin: https://www.deseret.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 01:11:30 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1015134
x-cache: Hit from cloudfront
content-length: 26436
last-modified: Thu, 17 Feb 2022 23:47:52 GMT
server: AmazonS3
etag: "03b913edebe839076662cf2c26e236e4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.deseret.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: wFRjqJnn5c9PepSEzaSOeSanf509lss9_mjlL-T37dHuWwUTu4rcKw==

GET
H2 200 a9fcb7d84180304e8fe7.f07418e94d3ab3dc90c1135c26084266.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/ 40 KB
41 KB 17ms
9ms Font
application/octet-stream 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/a9fcb7d84180304e8fe7.f07418e94d3ab3dc90c1135c26084266.woff2
Requested by: Host: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.67d41279f60c361fcf059dbcbd6ae58a.gz.css?v=1212
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 36b2007c0fe0a0f968bd49d1d050bd46989db93585b00b39df19ffa3e164047f

Request headers

Referer: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.67d41279f60c361fcf059dbcbd6ae58a.gz.css?v=1212
Origin: https://www.deseret.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 02:04:12 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1271173
x-cache: Hit from cloudfront
content-length: 41444
last-modified: Thu, 17 Feb 2022 23:47:51 GMT
server: AmazonS3
etag: "d9f196409e9e47511b99a9e6ba9a3df7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.deseret.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: c13Hq9KGhZEUlFxlm2qD5ML7IDVgb4eQN2ULHCMcfzhg5nFpcexDag==

GET
H2 200 9a8d32d539073ef74f3e.64eccfd09cafb2704571be2d12cc225b.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/ 33 KB
33 KB 29ms
21ms Font
application/octet-stream 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/9a8d32d539073ef74f3e.64eccfd09cafb2704571be2d12cc225b.woff2
Requested by: Host: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.67d41279f60c361fcf059dbcbd6ae58a.gz.css?v=1212
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f0b2df67130c20d3f75e473ccf941fc8fea7c029d15adf044af4df143c45b2c

Request headers

Referer: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.67d41279f60c361fcf059dbcbd6ae58a.gz.css?v=1212
Origin: https://www.deseret.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 22:55:59 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1282466
x-cache: Hit from cloudfront
content-length: 33672
last-modified: Thu, 17 Feb 2022 23:47:53 GMT
server: AmazonS3
etag: "14a8a2847cf9b842624f7e4974f4fcd0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.deseret.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: KPKRoB5IjGW3BPD6N-jiU9FzISS9S529m0c6LqZ4ORXjcX8bFCg-Yw==

GET
H2 200 b-7467d3d-a5555407.js Show response
tagan.adlightning.com/deseretdigital/ 82 KB
31 KB 14ms
13ms Script
application/javascript 65.9.66.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/deseretdigital/b-7467d3d-a5555407.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16eb3534055e2d58d7a4d02d4e40e5b04274ea3f490a343ba2be6572f65655eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 17:30:07 GMT
content-encoding: gzip
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
x-amz-version-id: 5etEKaoZp06WW1IO_D7voVR4xhLGO0Bn
x-amz-cf-pop: FRA56-C1
age: 14953218
x-cache: Hit from cloudfront
content-length: 31167
x-amz-meta-git_commit: 7467d3d
last-modified: Thu, 28 Apr 2022 17:29:35 GMT
server: AmazonS3
etag: "9bae072ef13568f983b9b88c933f1d70"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Scfj2jE0WwumoDZ-sOOsHeUzQ6En27iu95FmhmknuScan4mjww2YWw==

GET
H2 200 bl-6fc77ab-7f84400c.js Show response
tagan.adlightning.com/deseretdigital/ 51 KB
22 KB 14ms
13ms Script
application/javascript 65.9.66.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/deseretdigital/bl-6fc77ab-7f84400c.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afac353253200fd5c11c9686fe57c91a7848c0fa83f019361dae73f283fa1129

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 15:55:39 GMT
content-encoding: gzip
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
x-amz-version-id: PQq_gPU9Y4WwBnu6VAf5FeT3aQ8wJK1L
x-amz-cf-pop: FRA56-C1
age: 357286
x-cache: Hit from cloudfront
content-length: 22073
x-amz-meta-git_commit: 6fc77ab
last-modified: Fri, 14 Oct 2022 15:54:44 GMT
server: AmazonS3
etag: "a528586d27729a278c5418604959faae"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: VUYJuEiuTYN0QYxqSmgpRSiWLBxVtZW--NsPKorSgVgDZFpQpsAK2Q==

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 /
deseret.brightspotcdn.com/dims4/default/fda6033/2147483647/strip/true/crop/3000x1688+0+156/resize/800x450!/format/webp/quality/90/ 76 KB
77 KB 42ms
32ms Image
image/webp 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deseret.brightspotcdn.com/dims4/default/fda6033/2147483647/strip/true/crop/3000x1688+0+156/resize/800x450!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FoFJmlGGYFsu4ghKJEPXj_tX_-DA%3D%2F0x0%3A3000x2000%2F3000x2000%2Ffilters%3Afocal%281500x1000%3A1501x1001%29%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F24118406%2Fmerlin_2945702.jpg
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 92ef21bce8ccac8db0f5547310ba31ea552ca77ad34a60a12c88229f3d95cd77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:56:06 GMT
x-envoy-decorator-operation: brightspot-dims-verify.deseret.svc.cluster.local:80/*
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA53-C1
age: 4458
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-envoy-upstream-service-time: 209
content-length: 78234
x-amz-cf-id: 1QiBt92d1xsIwgywpUkgTcwLFjBE6O3qvrs2aV3AdbID8VcI4sLfJQ==
expires: Wed, 18 Oct 2023 17:56:06 GMT

GET
H2 200 /
deseret.brightspotcdn.com/dims4/default/248d515/2147483647/strip/true/crop/3000x1684+0+158/resize/490x275!/format/webp/quality/90/ 7 KB
8 KB 45ms
36ms Image
image/webp 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deseret.brightspotcdn.com/dims4/default/248d515/2147483647/strip/true/crop/3000x1684+0+158/resize/490x275!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FQ9S1S91Y2GcRg-hqHxQq9MK-wRk%3D%2F0x0%3A3000x2000%2F3000x2000%2Ffilters%3Afocal%281500x1000%3A1501x1001%29%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F24107467%2Fspeechbubbleflag.jpg
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 26af86c46f4ca4148c9533580203149749128d303a9efd78497913255e810890

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:00:13 GMT
x-envoy-decorator-operation: brightspot-dims-verify.deseret.svc.cluster.local:80/*
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA53-C1
age: 58211
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-envoy-upstream-service-time: 447
content-length: 7370
x-amz-cf-id: XDmUx78jMzn95vuwkfKd7n7XylhZ4OGpBJMdQIse-5RHlcDBGS6c6g==
expires: Wed, 18 Oct 2023 03:00:13 GMT

GET
H2 200 /
deseret.brightspotcdn.com/dims4/default/316fbcf/2147483647/strip/true/crop/3000x1684+0+0/resize/490x275!/format/webp/quality/90/ 8 KB
9 KB 27ms
19ms Image
image/webp 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deseret.brightspotcdn.com/dims4/default/316fbcf/2147483647/strip/true/crop/3000x1684+0+0/resize/490x275!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FgPoAFsf76joAY2bpRN-87EOyru4%3D%2F0x0%3A3000x2246%2F3000x2246%2Ffilters%3Afocal%281427x602%3A1428x603%29%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F24118780%2Fmerlin_2945802.jpg
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 3eb297ffdf53bb834657f62d1f1493bb14d335faba21eb0dfd53216d4b18ffea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:40:56 GMT
x-envoy-decorator-operation: brightspot-dims-verify.deseret.svc.cluster.local:80/*
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA53-C1
age: 55768
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-envoy-upstream-service-time: 175
content-length: 8416
x-amz-cf-id: hhh_wyCWQIXX2CvdivSSH06EJQKL8NQjftubzZOmRBWF1tnjXnikYw==
expires: Wed, 18 Oct 2023 03:40:56 GMT

GET
H2 200 /
deseret.brightspotcdn.com/dims4/default/355d63e/2147483647/strip/true/crop/3000x1688+0+0/resize/800x450!/format/webp/quality/90/ 26 KB
27 KB 30ms
22ms Image
image/webp 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deseret.brightspotcdn.com/dims4/default/355d63e/2147483647/strip/true/crop/3000x1688+0+0/resize/800x450!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FAk6UqHpMAIDh7LQpxo3rd0r2Fps%3D%2F0x0%3A3000x1813%2F3000x1813%2Ffilters%3Afocal%281418x688%3A1419x689%29%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F24118797%2Fmerlin_2945742.jpg
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 0ad4ced2e2bbc29fed11f3705beb28710249aba5d91b852c4d43c9fd425ceb66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 05:05:04 GMT
x-envoy-decorator-operation: brightspot-dims-verify.deseret.svc.cluster.local:80/*
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA53-C1
age: 50719
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-envoy-upstream-service-time: 208
content-length: 27058
x-amz-cf-id: m1r57MbjXRngHawY2SPTRFnotwjhO3WjfZ70Xj4DzqXDcHSihXnPCA==
expires: Wed, 18 Oct 2023 05:05:04 GMT

GET
H2 200 /
deseret.brightspotcdn.com/dims4/default/06a50a8/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/ 11 KB
12 KB 30ms
23ms Image
image/jpeg 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deseret.brightspotcdn.com/dims4/default/06a50a8/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2F0E7EWG93rDOE6daKkJ0Pz-bcfnc%3D%2F512x512%2Fcdn.vox-cdn.com%2Fauthor_profile_images%2F195968%2Fsamuel.0.jpg
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 5349a63b98e640816a804bd41c5bd2a63344a8af7449bdf58112b702f2e85dd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:08:22 GMT
x-envoy-decorator-operation: brightspot-dims-verify.deseret.svc.cluster.local:80/*
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA53-C1
age: 97322
x-cache: Hit from cloudfront
content-type: image/jpeg
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-envoy-upstream-service-time: 29
content-length: 11536
x-amz-cf-id: ZC2VT7OhI3VSMpTfB3RLcMZuwGKoFUKWGQbELhBeEwEyrYsfGDbJzg==
expires: Tue, 17 Oct 2023 16:08:22 GMT

GET
H2 200 /
deseret.brightspotcdn.com/dims4/default/458d327/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/ 8 KB
9 KB 42ms
35ms Image
image/jpeg 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deseret.brightspotcdn.com/dims4/default/458d327/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FIrvONFFs2fum_wozXJ_WF3p7rCs%3D%2F512x512%2Fcdn.vox-cdn.com%2Fauthor_profile_images%2F193253%2FBauerEthan_05.0.jpeg
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 717820a550d429da3163782fa5c5cf06ba7c9913ac264d0bfd0abaabac379af1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 15:31:00 GMT
x-envoy-decorator-operation: brightspot-dims-verify.deseret.svc.cluster.local:80/*
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA53-C1
age: 185964
x-cache: Hit from cloudfront
content-type: image/jpeg
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-envoy-upstream-service-time: 27
content-length: 8452
x-amz-cf-id: Zys3nRCAQZ76o9Ez0nQccH5rZcfRffdnElz8k1nQAVQnyiEjeM1eNA==
expires: Mon, 16 Oct 2023 15:31:00 GMT

GET
H2 200 /
deseret.brightspotcdn.com/dims4/default/f215adf/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/ 10 KB
11 KB 30ms
24ms Image
image/jpeg 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deseret.brightspotcdn.com/dims4/default/f215adf/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FjxX1K7ES_RBPOpycosgUiqw_1yU%3D%2F512x512%2Fcdn.vox-cdn.com%2Fauthor_profile_images%2F195019%2Fnaomi.0.jpg
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 81a2b2aa152e77eb58b88a7896e5dc3c66b6a3e58e56220a81a9fb17797ffafc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 19:32:43 GMT
x-envoy-decorator-operation: brightspot-dims-verify.deseret.svc.cluster.local:80/*
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA53-C1
age: 257861
x-cache: Hit from cloudfront
content-type: image/jpeg
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-envoy-upstream-service-time: 26
content-length: 10669
x-amz-cf-id: XkheqfrycLBF5O-7sl0iN9MpnRHllo0nLY0kvmF-og7sg-nNCI16LA==
expires: Sun, 15 Oct 2023 19:32:43 GMT

GET
H2 200 /
deseret.brightspotcdn.com/dims4/default/89458ab/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/ 8 KB
8 KB 38ms
32ms Image
image/jpeg 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deseret.brightspotcdn.com/dims4/default/89458ab/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FYE5lQCJKMVMjz8MZLW6mWP61wKc%3D%2F512x512%2Fcdn.vox-cdn.com%2Fauthor_profile_images%2F195918%2Feboo.0.jpg
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: istio-envoy /
Resource Hash: b297a9b9880e89c8a160d162f84548753b0a5b2670073acfaf201588a394fd7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:29:32 GMT
x-envoy-decorator-operation: brightspot-dims-verify.deseret.svc.cluster.local:80/*
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA53-C1
age: 337252
x-cache: Hit from cloudfront
content-type: image/jpeg
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-envoy-upstream-service-time: 23
content-length: 8155
x-amz-cf-id: low0KKxrYB307si0paspvNXqphAUMHoFm1tHAjuFfbZ8wHbJR74ajw==
expires: Sat, 14 Oct 2023 21:29:32 GMT

GET
H2 200 /
deseret.brightspotcdn.com/dims4/default/8121cca/2147483647/strip/true/crop/3000x1684+0+162/resize/490x275!/format/webp/quality/90/ 44 KB
44 KB 32ms
27ms Image
image/webp 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deseret.brightspotcdn.com/dims4/default/8121cca/2147483647/strip/true/crop/3000x1684+0+162/resize/490x275!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FVzehRXoCtHnQQFbnz6tTHYX5bc0%3D%2F0x0%3A3000x2007%2F3000x2007%2Ffilters%3Afocal%281500x1004%3A1501x1005%29%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F24119905%2Fmerlin_2944924.jpg
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 320fb734642177c9fb0e0c55a3e2db2b6a45281fbe4af78a7bfaf98a200d1464

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:05:29 GMT
x-envoy-decorator-operation: brightspot-dims-verify.deseret.svc.cluster.local:80/*
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA53-C1
age: 3894
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-envoy-upstream-service-time: 249
content-length: 44956
x-amz-cf-id: WCCRS2z6svxCy5MRiuiMhB5LZaTKEs3Vm5BCLV_xLXHcREi3vmOBSw==
expires: Wed, 18 Oct 2023 18:05:29 GMT

GET
H2 200 /
deseret.brightspotcdn.com/dims4/default/1550c26/2147483647/strip/true/crop/1658x931+0+68/resize/490x275!/format/webp/quality/90/ 2 KB
2 KB 35ms
31ms Image
image/webp 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deseret.brightspotcdn.com/dims4/default/1550c26/2147483647/strip/true/crop/1658x931+0+68/resize/490x275!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2Fdxmz98SaPo6oNEbyfVQYz5dXg6s%3D%2F216x186%3A1874x1243%2F1658x1057%2Ffilters%3Afocal%281079x719%3A1080x720%29%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F24119921%2FAP22290557407031.jpg
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: istio-envoy /
Resource Hash: dbbde8bc08d79afd5f6973ecda299a8a57461e77e02545c6c2f188ef0ea1063e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:44:22 GMT
x-envoy-decorator-operation: brightspot-dims-verify.deseret.svc.cluster.local:80/*
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA53-C1
age: 5162
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-envoy-upstream-service-time: 56
content-length: 1712
x-amz-cf-id: czqIGYe3RieHG0XL7RFLsSmtzDNrs0WFPpxbUfOZVilrH2pzeOsptw==
expires: Wed, 18 Oct 2023 17:44:22 GMT

GET
H2 200 /
deseret.brightspotcdn.com/dims4/default/881be04/2147483647/strip/true/crop/3504x1967+0+185/resize/490x275!/format/webp/quality/90/ 19 KB
19 KB 42ms
37ms Image
image/webp 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deseret.brightspotcdn.com/dims4/default/881be04/2147483647/strip/true/crop/3504x1967+0+185/resize/490x275!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FgXDwx1S-ZHPYSjpsh2evKnTCF7s%3D%2F0x0%3A3504x2336%2F3504x2336%2Ffilters%3Afocal%281752x1168%3A1753x1169%29%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F24088700%2FAP090126034736.jpg
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: istio-envoy /
Resource Hash: cfce9a22e317cb5c83fa53a9627b91b717cdc9c554e6ce6f0d8114219285fae4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:52:57 GMT
x-envoy-decorator-operation: brightspot-dims-verify.deseret.svc.cluster.local:80/*
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA53-C1
age: 11847
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-envoy-upstream-service-time: 175
content-length: 19446
x-amz-cf-id: Rt1LwDPRzhnFc5ThWxx4o-8iO6PlyEeyHF5XHoHtfMdWrVhcdE3kog==
expires: Wed, 18 Oct 2023 15:52:57 GMT

GET
H2 200 /
deseret.brightspotcdn.com/dims4/default/b1ef200/2147483647/strip/true/crop/3000x1982+0+0/resize/840x555!/format/webp/quality/90/ 64 KB
64 KB 41ms
38ms Image
image/webp 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deseret.brightspotcdn.com/dims4/default/b1ef200/2147483647/strip/true/crop/3000x1982+0+0/resize/840x555!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FwLYe5dQyAJ-BCMljgO1MNLzYaTU%3D%2F0x0%3A3000x2289%2F3000x2289%2Ffilters%3Afocal%281350x679%3A1351x680%29%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F24112948%2Fmerlin_2945274.jpg
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 319a730db58e06a377245abe813a053356fb0e032768ed9e3b3eed83060ee624

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 03:15:15 GMT
x-envoy-decorator-operation: brightspot-dims-verify.deseret.svc.cluster.local:80/*
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA53-C1
age: 57309
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-envoy-upstream-service-time: 234
content-length: 65318
x-amz-cf-id: aXITMN5UXgUwzVlFelvBTkv0w7sf5FeN6StaFTWgs-2eka4YMH2BiA==
expires: Wed, 18 Oct 2023 03:15:15 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
86 KB 52ms
22ms Script
application/x-javascript 2a03:2880:f050:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=e54621ecb3298b395c083f08487b20d4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f050:f:face:b00c:0:3 Hamburg, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45876440482b8fd5869a0b104e36f7c6352417faf489b6e444cdca1f83357140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.deseret.com/
Origin: https://www.deseret.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 19:10:24 GMT
content-md5: C/R32S0mvQLg5BVpsa0l9w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88415
x-fb-rlafr: 0
x-fb-debug: o+5VtXL8A/l/sZnMYXda0BIRpkFFgDkdncuVGhnCIrYkrFY6Sx4kHj8OUYBTCpVzdkIINgUuic0e6gYpRNIpvQ==
x-fb-content-md5: b44b955fb1410d955ca6b518206bbd06
cross-origin-opener-policy: same-origin-allow-popups
etag: "758e0572fce7683ffe674e7efc1be811"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 18 Oct 2023 17:25:34 GMT

GET
H2 200 pubads_impl_2022101301.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
128 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070421

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1af2148d7bd5e2a0c9ddc1c5b9ff072996852f4f11ebc19695ba4ee08ddb9c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8365
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131264
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 15:30:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Oct 2023 16:50:59 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 199 B
149 B 55ms
21ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.deseret.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b447bd6ec984d15bef59c5f0ca47234bfe29a9232e823395c39c43144553718e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:10:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124
x-xss-protection: 0
expires: Tue, 18 Oct 2022 19:10:24 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 58ms
15ms XHR
application/javascript 13.35.253.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-90.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: YousslGi_alc9N7i1PBVBMNtdY1LkTzi
content-encoding: gzip
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
date: Tue, 18 Oct 2022 01:07:17 GMT
x-amz-cf-pop: FRA6-C1
age: 64988
x-cache: Hit from cloudfront
last-modified: Thu, 06 Oct 2022 01:32:47 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 6cooF8G1dExZWtB5uuDKRFXs8XfPqoYYj4ZszimHnA_NFCqUGUDCMw==

GET
H2 404 newsBanner.json Show response
uploads.deseret.com/files/deseret-news/ 305 B
576 B 244ms
214ms Fetch
application/xml 2606:4700::6811:fc66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads.deseret.com/files/deseret-news/newsBanner.json
Requested by: Host: uploads.deseret.com
URL: https://uploads.deseret.com/scripts/deseret-scripts.bsp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:fc66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ee30b7a169382cdd8a484dea16bfaabaac242cb236c8aa87ef1e9a20c6cdc30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:10:24 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-request-id: S6HVP9N6X1WA2RJ0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/xml
access-control-allow-origin: *
cf-ray: 75c392ec4ac49b55-FRA
x-amz-id-2: +VrLVHWx04InU1aRNx7suWN1eVI9ydFPUhJs+I5OU1akfeqL7/x1/GXBoBWRQyb7FhytAy/SQVU=

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 102 KB
26 KB 39ms
18ms Script
application/x-javascript 2a03:2880:f050:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.deseret.com
URL: https://www.deseret.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f050:f:face:b00c:0:3 Hamburg, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df95c359e3559c219087fcb7d390b577cbd6577c0338d18644bd275149c62a86

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 18 Oct 2022 19:10:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27029
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: mhaT2sOW5LeLeoUt/N1gwEpMM3LXoDX6W1zkrqNTqeIZC5PC+QomHbLAHuKEfsnbezFGi3MIAi7qo0uz3yMqwA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
191 B 55ms
10ms Image
text/plain 143.204.215.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=16033947&ns__t=1666120224685&ns_c=UTF-8&c8=Deseret%20News&c7=https%3A%2F%2Fwww.deseret.com%2F&c9=
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-23.fra53.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:10:24 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 2zXKM8RzFansVjn10i_RvwUdDPRZth9L7Ms6Ffj8ux-ftC4ItdjJjg==
x-cache: Miss from cloudfront

GET
H3 200 1860428570942209 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 70ms
70ms Script
application/x-javascript 2a03:2880:f050:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1860428570942209?v=2.9.85&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f050:f:face:b00c:0:3 Hamburg, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cfd5c388c86048d67802008edc7dc2fc1d5303c7f621db126f7704e6c6d2143

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 18 Oct 2022 19:10:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 0ve3O9sa0SgQ831sh4te40sP3VSjD7AmqL6vKvPflsXDxJ4/v9s8YF1hBZPF9Cz00JmeuNGd78VCNDZaeBsoaA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 385 B
741 B 12ms
8ms XHR
application/json 13.35.253.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.deseret.com&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-90.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 4ad12603989e23ddf239f228255bcffc77fb8e9503829993b6d01c80cddd8d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:42:53 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
age: 5252
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.deseret.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 385
x-amz-cf-id: sVYw0Pow6Oy8DxTAikJpanUOnvmF96cJzi4WR6RJjBIIR_E6ra3lVA==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
463 B 138ms
51ms XHR
text/javascript 143.204.94.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.deseret.com%2F&pid=ROsxHzUYWI1d5&cb=0&ws=1600x1200&v=22.10.32118&t=1000&slots=%5B%7B%22sd%22%3A%22htlad-2-gpt%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F22653237939%2Fdeseret%2Fwww.deseret.com%2Ffront_page%22%7D%2C%7B%22sd%22%3A%22htlad-5-gpt%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22653237939%2Fdeseret%2Fwww.deseret.com%2Ffront_page%22%7D%5D&schain=1.0%2C1!hashtag-labs.com%2C1000000598%2C1%2C%2C%2C&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.94.230 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-94-230.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:10:25 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: 71BGH09AJTFN8RR3K75S
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.deseret.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: psm1VRnrcYVYEZNOaQF80yZp8clv6INIBFKk472wKDjtiG-3uYuYqQ==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 38ms
11ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1860428570942209&ev=PageView&dl=https%3A%2F%2Fwww.deseret.com%2F&rl=&if=false&ts=1666120225108&sw=1600&sh=1200&v=2.9.85&r=stable&a=tmgoogletagmanager&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%221417805635322120%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%223214915288825798%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1666120225105.395376082&it=1666120224964&coo=false&rqm=GET

Requested by

Host: www.deseret.com
URL: https://www.deseret.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 18 Oct 2022 19:10:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 56 KB
16 KB 211ms
172ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:10:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 13:13:44 GMT
server: cloudflare
x-amz-request-id: K3CZWET2XCCZTW7M
age: 2914
etag: W/"68154020ef14b5881614607902c7c21b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 75c392ef8d249be0-FRA
x-amz-id-2: /HQsyvUVj26nbYApz5Ohqg2DTOxD7spOw0TNMJbJESeOQ+0P31iqsTC6k3lCCXP7bXLa0QHJv/k=

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
448 B 350ms
110ms Image
image/png 52.216.106.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=ed72d3fb7396
Requested by: Host: www.deseret.com
URL: https://www.deseret.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.106.35 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 19:10:26 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: E116WKY4CV8ZFMS6
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: +q7biSUlS6EFvxP3w5C5Bv6kDJDjE0Jc9qcEmTwQq8fI63xYRuxSf1yM4v6HbJSM8k7ncV+PyUU=

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 94ms
28ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.deseret.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 85ms
27ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.deseret.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 119 KB
38 KB 589ms
588ms XHR
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=284198215251265&correlator=3368612030386097&eid=31070421%2C31068367&output=ldjh&gdfp_req=1&vrg=2022101301&ptt=17&impl=fifs&iu_parts=22653237939%2Cdeseret%2Cwww.deseret.com%2Cfront_page&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%2C2x2%2C300x250&ifi=1&adks=1321699649%2C4084835696%2C1713718832&sfv=1-0-38&fsapi=false&prev_scp=position%3Ddesktop_leaderboard_variable%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Cposition%3Dwings%7Cposition%3Dmedium_rectangle_variable_section_front%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0&eri=1&cust_params=htlbidid%3D12488%26is_testing%3Dno%26is_home%3Dyes%26category%3DHome%26post_id%3D0000017f-0a13-d26d-a77f-8f7f16290000%26entry_group%3D%26entry_id%3D%26entry_type%3Dhomepage%26page_type%3Dhome_page%26hub_pages%3D%26keywords%3D&sc=1&cookie_enabled=1&abxe=1&dt=1666120225254&lmt=1666120225&dlt=1666120223801&idt=1098&adxs=315%2C799%2C1040&adys=478%2C603%2C1376&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.deseret.com%2F&frm=20&vis=1&psz=970x0%7C1600x0%7C300x0&msz=970x0%7C1600x0%7C300x0&fws=4%2C4%2C4&ohw=1600%2C1600%2C320&ga_vid=1912283711.1666120225&ga_sid=1666120225&ga_hid=1598760131&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070421

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce164089c85ffe5ede15b2080ce0f3de4700c9a8781f9a35b8a77cd4e0ef152c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:10:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38946
x-xss-protection: 0
google-lineitem-id: -1,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.deseret.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 06BB 6 KB
4 KB 105ms
17ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070421

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.deseret.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 19:10:25 GMT
expires: Wed, 18 Oct 2023 19:10:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
329 B 44ms
9ms XHR
application/json 141.95.98.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.eu-1-id5-sync.com/lb/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.95.98.70 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3216620.ip-141-95-98.eu
Software: /
Resource Hash: 5a8371880a9712fc3daf07e8bcd965e1fbcb28b36a6a3798c15a1d0b91a0901f

Request headers

Referer: https://www.deseret.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.deseret.com
date: Tue, 18 Oct 2022 19:10:25 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 34 B
210 B 45ms
9ms XHR
application/json 2001:41d0:701:1000::31ee
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::31ee , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 7f70aad56375a364a2211b837d5bd73bdce3e449fab5710e41bb9458e161091a

Request headers

Referer: https://www.deseret.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.deseret.com
date: Tue, 18 Oct 2022 19:10:25 GMT
content-length: 34
vary: Origin
content-type: application/json

POST
H/1.1 200 517.json Show response
id5-sync.com/g/v2/ 216 B
625 B 39ms
9ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/517.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

4a1cda636c0c061bd9bf1e12db9009ea26e6160f46a766c30e17ab3a72f4cc58

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.deseret.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.deseret.com
date: Tue, 18 Oct 2022 19:10:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 49ms
24ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js?cb=31070421

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a8413f6a3ed41a0c8fda27a9f2053a7e0163afbff1a075607880d674c8ddaf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11132
x-xss-protection: 0

GET
H2 200 p.js Show response
cdn.parsely.com/keys/deseret.com/ 60 KB
22 KB 37ms
10ms Script
application/javascript 65.9.61.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/deseret.com/p.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9QHGH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.61.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-61-60.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 73667dde0a59b52b3e17b0d5641ec93a10bde180b1a0029250c2690c78b1dd9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Tue, 18 Oct 2022 03:19:19 GMT
content-encoding: gzip
via: 1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
last-modified: Tue, 19 Oct 2021 21:52:02 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 57066
etag: W/"616f3e02-f1f7"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: Pshj83Pa52iB0mjd4dxA0RcfGmco6yteAw0tOIWTAc470NSjfelDvQ==
expires: Wed, 19 Oct 2022 03:19:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 35ms
8ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9QHGH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 17:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6868
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 18 Oct 2022 19:15:57 GMT

GET
H2 200 deseret-scripts.min.js Show response
uploads.deseret.com/scripts/ 291 KB
91 KB 73ms
73ms Script
application/javascript 2606:4700::6811:fc66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads.deseret.com/scripts/deseret-scripts.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9QHGH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:fc66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8ec347230f08126775e096cbc50c88aee366c466425174ceb17c6d383dd1731

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:10:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 13 Oct 2022 01:59:18 GMT
server: cloudflare
x-amz-request-id: BD7NQCTX9ZF8ZY33
age: 2916
etag: W/"a5c91727f604b7e9f5c2cde51046559c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 75c392f1bbf89966-FRA
x-amz-id-2: kakFdme+tcmY1PuRo5S30r8nkPpXeF+/eCBYckplMAuEoQBwTzzgPBlbDEOTGIJPx+vSVAHo7+g=
expires: Tue, 18 Oct 2022 23:10:25 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/16033947/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
360 B

8ms
7ms

Script
application/javascript

143.204.215.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 143.204.215.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-23.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:42:17 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1689
x-amz-server-side-encryption: AES256
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 0
x-amz-cf-id: RJIChWh9I-uXPAUjrPCzQf9ILhq94ki1PXFSkC6xq3OIoJcpynIxyA==

Redirect headers

location: /internal-c2/default/cs.js
date: Tue, 18 Oct 2022 19:10:25 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
content-length: 0
x-amz-cf-id: Za790UhqqmuI1JEznkxUqKEFkc_f4vDWKw8KrcheAJgKg4vZBykiaA==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
258 B 132ms
29ms Image
image/gif 54.155.18.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1666120225600&plid=83927329&idsite=deseret.com&url=https%3A%2F%2Fwww.deseret.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.deseret.com%2F&sref=&sts=1666120225596&slts=0&title=Deseret+News&date=Tue+Oct+18+2022+19%3A10%3A25+GMT%2B0000+(GMT)&action=pageview&pvid=10914361&u=pid%3Dc229387aade996e0495918b1c844de67
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 19:10:25 GMT
Cache-Control: no-cache
Last-Modified: Tuesday, 18-Oct-2022 19:10:25 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 62ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 19:10:25 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 27ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1860428570942209&ev=Microdata&dl=https%3A%2F%2Fwww.deseret.com%2F&rl=&if=false&ts=1666120225611&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Deseret%20News%22%2C%22meta%3Adescription%22%3A%22In-depth%20news%2C%20analysis%20and%20opinion%20covering%20Utah%20and%20the%20nation.%20Explore%20Utah%20sports%20coverage%20from%20the%20Utah%20Jazz%2C%20BYU%20Cougars%2C%20Utah%20Utes%2C%20and%20high%20school%20athletics.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Deseret%20News%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.deseret.com%2F%22%2C%22og%3Asite_name%22%3A%22Deseret%20News%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22url%22%3A%22https%3A%2F%2Fwww.deseret.com%2F%22%2C%22description%22%3A%22In-depth%20news%2C%20analysis%20and%20opinion%20covering%20Utah%20and%20the%20nation.%20Explore%20Utah%20sports%20coverage%20from%20the%20Utah%20Jazz%2C%20BYU%20Cougars%2C%20Utah%20Utes%2C%20and%20high%20school%20athletics.%22%2C%22publisher%22%3A%7B%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Deseret%20News%22%2C%22logo%22%3A%7B%22%40type%22%3A%22ImageObject%22%2C%22url%22%3A%22https%3A%2F%2Fdeseret.brightspotcdn.com%2Fdims4%2Fdefault%2F12caf86%2F2147483647%2Fstrip%2Ffalse%2Fcrop%2F2578x293%2B0%2B0%2Fresize%2F528x60!%2Fquality%2F90%2F%3Furl%3Dhttps%253A%252F%252Fchorus-production-deseret.s3.amazonaws.com%252Fbrightspot%252Ffe%252Fc2%252Fd2c642da48e5b42fdbb399f1da6f%252Fdeseretnews-logo-yellow-period.png%22%2C%22width%22%3A528%2C%22height%22%3A60%7D%7D%2C%22name%22%3A%22Deseret%20News%22%7D%5D&sw=1600&sh=1200&v=2.9.85&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1666120225105.395376082&it=1666120224964&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 18 Oct 2022 19:10:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 36ms
16ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1598760131&t=pageview&_s=1&dl=https%3A%2F%2Fwww.deseret.com%2F&ul=en-us&de=UTF-8&dt=Deseret%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChACEABBAAAACAAI~&jid=1649307858&gjid=1048870363&cid=1912283711.1666120225&tid=UA-25484401-1&_gid=1069465921.1666120226&_r=1&gtm=2wgah0W9QHGH&cd1=0000017f-0a13-d26d-a77f-8f7f16290000&cd2=homepage&cd11=deseret&cd12=deseret&z=502152129

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.deseret.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 19:10:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.deseret.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 61ms
20ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-25484401-1&cid=1912283711.1666120225&jid=1649307858&gjid=1048870363&_gid=1069465921.1666120226&_u=YChACEAABAAAACAAI~&z=1281638177

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.deseret.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 18 Oct 2022 19:10:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.deseret.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 33A1 13 KB
5 KB 28ms
8ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.deseret.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7252
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 17:09:33 GMT
expires: Wed, 18 Oct 2023 17:09:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 47D3 783 B
1 KB 77ms
47ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a5e1453f994702244f9afece21359693f4e380f75755967017e3ea8b7a50c2ec

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BJMvferQn7Md4B4V1PNZAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.deseret.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-BJMvferQn7Md4B4V1PNZAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 19:10:25 GMT
expires: Tue, 18 Oct 2022 19:10:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js Show response
pagead2.googlesyndication.com/bg/ Frame 33A1 36 KB
16 KB 34ms
12ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15922
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 18:08:47 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 55ms
54ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-25484401-1&cid=1912283711.1666120225&jid=1649307858&_u=YChACEAABAAAACAAI~&z=931985034

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 19:10:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 82ms
46ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-25484401-1&cid=1912283711.1666120225&jid=1649307858&_u=YChACEAABAAAACAAI~&z=931985034

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 19:10:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 47D3 0
0 41ms
41ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101301&jk=284198215251265&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 33A1 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rOG8UA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:10:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 container.html Show response
109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B10C 6 KB
3 KB 37ms
15ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.deseret.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 19:10:25 GMT
expires: Wed, 18 Oct 2023 19:10:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8C4B 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.deseret.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 19:10:25 GMT
expires: Wed, 18 Oct 2023 19:10:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bl-6fc77ab-7f84400c.js Show response
tagan.adlightning.com/deseretdigital/ Frame B10C 51 KB
22 KB 8ms
7ms Script
application/javascript 65.9.66.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/deseretdigital/bl-6fc77ab-7f84400c.js
Requested by: Host: 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
URL: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afac353253200fd5c11c9686fe57c91a7848c0fa83f019361dae73f283fa1129

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 15:55:39 GMT
content-encoding: gzip
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
x-amz-version-id: PQq_gPU9Y4WwBnu6VAf5FeT3aQ8wJK1L
x-amz-cf-pop: FRA56-C1
age: 357288
x-cache: Hit from cloudfront
content-length: 22073
x-amz-meta-git_commit: 6fc77ab
last-modified: Fri, 14 Oct 2022 15:54:44 GMT
server: AmazonS3
etag: "a528586d27729a278c5418604959faae"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: SJGu5UR_pe5RProtglVxvXfW4DjMjr2Wc_-8zVAnEvOkOpPkwP2MWw==

GET
H2 200 b-7467d3d-a5555407.js Show response
tagan.adlightning.com/deseretdigital/ Frame B10C 82 KB
31 KB 8ms
7ms Script
application/javascript 65.9.66.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/deseretdigital/b-7467d3d-a5555407.js
Requested by: Host: 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
URL: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16eb3534055e2d58d7a4d02d4e40e5b04274ea3f490a343ba2be6572f65655eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 17:30:07 GMT
content-encoding: gzip
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
x-amz-version-id: 5etEKaoZp06WW1IO_D7voVR4xhLGO0Bn
x-amz-cf-pop: FRA56-C1
age: 14953220
x-cache: Hit from cloudfront
content-length: 31167
x-amz-meta-git_commit: 7467d3d
last-modified: Thu, 28 Apr 2022 17:29:35 GMT
server: AmazonS3
etag: "9bae072ef13568f983b9b88c933f1d70"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Xbm9BfclPiSn7ayy-CY0Maat8Voo_3lutMrBoneuLFtMGhdgRdQehg==

GET
H2 200 css
fonts.googleapis.com/ Frame B10C 2 KB
1 KB 54ms
17ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
URL: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 19:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 19:05:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 19:10:26 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame B10C 2 KB
902 B 9ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
URL: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 21:44:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/ Frame B10C 23 KB
9 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/abg_lite_fy2021.js

Requested by

Host: 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
URL: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 21:44:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame B10C 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/window_focus_fy2021.js

Requested by

Host: 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
URL: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 21:44:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame B10C 17 KB
7 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
URL: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 21:44:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B10C 0
0 36ms
16ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRGPYh85Ziz_rVIbvGn5uMsfX_tVNlW2S386lTP1wdZyRTUzIvypzGuG8abmfgptDqsT-UZ
Requested by: Host: 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
URL: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B10C 152 KB
46 KB 2883ms
2857ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
URL: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 19:10:29 GMT

GET
H2 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame B10C 33 KB
14 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
URL: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 391721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 20:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:21:45 GMT

GET
H2 200 bl-6fc77ab-7f84400c.js Show response
tagan.adlightning.com/deseretdigital/ Frame 8C4B 51 KB
22 KB 9ms
8ms Script
application/javascript 65.9.66.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/deseretdigital/bl-6fc77ab-7f84400c.js
Requested by: Host: 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
URL: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afac353253200fd5c11c9686fe57c91a7848c0fa83f019361dae73f283fa1129

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 15:55:39 GMT
content-encoding: gzip
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
x-amz-version-id: PQq_gPU9Y4WwBnu6VAf5FeT3aQ8wJK1L
x-amz-cf-pop: FRA56-C1
age: 357288
x-cache: Hit from cloudfront
content-length: 22073
x-amz-meta-git_commit: 6fc77ab
last-modified: Fri, 14 Oct 2022 15:54:44 GMT
server: AmazonS3
etag: "a528586d27729a278c5418604959faae"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: IzeIxB6IuZB342RET0r4G59DPHqNNZhtXmEBmVeprqtRchYgO5TA7g==

GET
H2 200 b-7467d3d-a5555407.js Show response
tagan.adlightning.com/deseretdigital/ Frame 8C4B 82 KB
31 KB 11ms
10ms Script
application/javascript 65.9.66.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/deseretdigital/b-7467d3d-a5555407.js
Requested by: Host: 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
URL: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16eb3534055e2d58d7a4d02d4e40e5b04274ea3f490a343ba2be6572f65655eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 17:30:07 GMT
content-encoding: gzip
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
x-amz-version-id: 5etEKaoZp06WW1IO_D7voVR4xhLGO0Bn
x-amz-cf-pop: FRA56-C1
age: 14953220
x-cache: Hit from cloudfront
content-length: 31167
x-amz-meta-git_commit: 7467d3d
last-modified: Thu, 28 Apr 2022 17:29:35 GMT
server: AmazonS3
etag: "9bae072ef13568f983b9b88c933f1d70"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ivCGzmnlOHLosUdu_0bg6lP_m6udTWwkwCVNwM16M1QP0A9WZS-DWQ==

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C4B 42 B
63 B 42ms
42ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DGxrsdCIFgR1m2i5dhpKtT9kbJ1cxfHTstQLqb2y3RwWZMa9fKdxlaHP5MvmbYPDOK-Wxise_COL7kWil4KEJAFimlah5EsjRnScKxEK-OLv-nwO4

Requested by

Host: 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
URL: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 19:10:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 8C4B 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/window_focus_fy2021.js

Requested by

Host: 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
URL: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 21:44:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 8C4B 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
URL: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 21:44:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8C4B 0
0 17ms
16ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQmUkqlUZP94w3kUE44GhGdDogu5UumgZW2XIL97E28ngNgL33aojjqdCh2noIhfpgQEcC2
Requested by: Host: 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
URL: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C4B 152 KB
46 KB 2918ms
2899ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
URL: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 19:10:29 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B10C 0
0 58ms
58ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CVWcOIfpOY9baE9mQ9fgPjMSnkAf8jYK_bJ3Ev8iZEL2itsirMhABIJb2lI8BYJWqlIKgB6AB8L3G9gPIAQmpAgcrWdR5fLA-4AIAqAMByAPLBKoEjQJP0DjqC2Ad5CEjyhjLjEir-H6ooevqcHDnCamOyCMb3AHjtk4I-hjaUu4GifIxpwVY7NvEsn6ZQYrCmoB000ati7k2VX2kY1QBTt5B7NAZizOPHplx5reQjHEPHc0SgZ_lLGhu8_DGmREQq9ZjloJlS1GtdJgEDlejXubhRPzNLDeKSiD7yqsb-vwnQ2wTJcJtDX_l0z0iUZ6FZC6pHKA4k7nXKB5itxzdtcjic8c-Hfe93EhqVkwBjlSLWkqyC60oWrZZL4xl5sg4V8Wj9TD-YuXGA22u8owByjWgsP_xWmUslYr8PmxGPyKnLu1BTgv8vvxZGKDNNsyapBf_UOY17Bomeqre5hQRE9UH_8AExvPBw5gE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_jBuQmoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ-oMQ0ggSCIjhgHAQARgdMgPrggE6AoBAgAoDyAsB2BML0BUBmBYBgBcBshcfCh0IABIUcHViLTYyODA4MjY2Mjc3MjExNDYYkIyBAQ&sigh=og9-KYe7e0A&uach_m=[UACH]&cid=CAQSPgDq26N9oy7cc6wWwYOaWPvQyN90iR0zHmXwmAjLp86EXQMWKeVhsHXLzhbfjnXp2OyFGJB1f7fNvzEnwMa3GAEgDg&template_id=494
Requested by: Host: 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
URL: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame B10C 33 KB
33 KB 62ms
11ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSSCoPpzpvjCYoDUuclFeTalew7iv7_oeHKurVLyArbtXtsTNCca-VHAL97-Q&usqp=CAI

Requested by

Host: 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
URL: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b581d4fb6e47f84d39a3fd29e36c1343cd2ffd8fd1f468fd4f88889b3880c49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 07:43:37 GMT
x-content-type-options: nosniff
age: 473209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33672
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 05:16:52 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 13 Oct 2023 07:43:37 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame B10C 21 KB
22 KB 43ms
9ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQUN20lu_kmLbTtuD4eQgpx36AswZDNcTJjXuHgnSil1SSqij2D2CJcIsDG6M4&usqp=CAI

Requested by

Host: 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
URL: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa16b740e4d2f2fc389f5a4cb8e1dcdfcd329621eb83528238eca02b0d848d6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 13:49:49 GMT
x-content-type-options: nosniff
age: 451237
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21605
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 04:06:49 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 13 Oct 2023 13:49:49 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame B10C 21 KB
21 KB 50ms
10ms Image
image/jpeg 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRcliLvAd05sj3xg6aha_5511h6aYieoKA2kekPgSAdyQaI4sqGojFLPx-ifw&usqp=CAI

Requested by

Host: 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
URL: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4cf51f1f32eb92006790b3fbf068aa00b4c8043c20c2fc96ad3ae1bdbbb85c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:00:54 GMT
x-content-type-options: nosniff
age: 4172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21320
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 07:21:58 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 18 Oct 2023 18:00:54 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame B10C 39 KB
40 KB 46ms
9ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSKU8vWphlDeVDKU8aJ5qWQgYly4LNl0ZPp9UtqBJlbYp10JZRSLtkfdowjyX4&usqp=CAI

Requested by

Host: 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
URL: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10fb34f53bd633989a89e1078a012e7b5bc3b7f87f5c0b890f3be37ec3d0b0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 17:14:09 GMT
x-content-type-options: nosniff
age: 438977
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40201
x-xss-protection: 0
last-modified: Sun, 20 Mar 2022 01:02:32 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 13 Oct 2023 17:14:09 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame B10C 21 KB
21 KB 54ms
17ms Image
image/png 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ6VFXeHyJ7gvSjPrO9WKPRNfvOFgfjrDZNailwVxjT2HR8xkt6&usqp=CAI

Requested by

Host: 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
URL: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13445ee05df55dc76c54059d73ae5077c4d08a7fd52c8dcb68e55b5b26ff2c78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 20:16:36 GMT
x-content-type-options: nosniff
age: 514430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21587
x-xss-protection: 0
last-modified: Wed, 10 Jul 2019 07:52:36 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 12 Oct 2023 20:16:36 GMT

GET
DATA 200
OK truncated
/ Frame B10C 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b8b231c91771d486e50cf5faf4839ddda6d7d54d45c8c149f91149cebd208c54

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A7D0 0
209 B 21ms
21ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhjO-MDVATAB&v=APEucNWhVBj7jeqVwxmhxZNT3Rf-QRrwwQG0IGfPiKLJOexywSbkIholJ9yaVbCvIQBuFCmJ8s-PfYeG0upIOEQGhhgKHZZjEw

Requested by

Host: 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
URL: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 19:10:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8C4B 66 KB
30 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DJmv8qvMeRXnQz5eGDGZf0xBV5Vsx93zCXBU5xo52dTQrczI4KHSFcC95pWAM522UbOn_JyzHGGutedUkDZS_E6NVbwQ&cry=1&dbm_d=AKAmf-Cv70w3emJBJbZ7SYLSGCt0NsjbwPAKOXVCMUejhAB76bGDswNYpbofoOBfzYpAEX6lVcJ_OccFEPPu_T-F2jQFsrl6qltkJaBwgu-gl_egVOmn7aWA7BMok0goiBaxFj6HMtisz7OroreNrw-P0cej4H3I4ZmGzKpR6YOIkS6bKTvj6MqBjkLzbUgjHiKBf-SxGAGIh8jkNwOaY_3dvdMRZrtq3J-BIasB3GGan3rgEXycg554MGlrsXXXjAh9mBG-thRok1YhkGNsQrgBUQXSA8GhacETcQlKmiUTm8zkao5xF80Tg31zCu_G_ow83P69yc6oQsvB5qsBHNbj_n3j2DNe4ZFFiv-17jV1Ol8L1AucLXyMoEidYoj8EkCjSEIP3tg8ao7MvAREeeq5osDcjx7g4Bos4vVaDu_eNXdjBq2RE0-EZb926eOre6miTqYccssAoXQcAv-x5dyrlfKbbEsRmIUf8LKlLlLTCemOU1sjXEvxloIG-K2IqLidCjA18PNqiFu-ID7xzn951XQT5xy0j6DQk10PP0h5jDeSE8eLduc5Y6e9VqeoYHMrD3epLjScYFBDGL_mVOlWctipbsFI6ZzszoDHkS6AK7ibftxn0Quj0SruTBJCwASv2H3HPCt_osLZUfq2-vioSFwNF1rZMzW310WPGCqiQ9UYtYumLWKhnQRvmJ7Wdg0UqyydEQuvnqVKHOErPM-1yUJj_qAwmJ01z9hJHu17Sso5doNzY0gr7acJOuLrxoo7hlcxgU2UKKjzruza6WY67Hm0ag1WWeM-y671cTL9veY7dMtJ2h2hH_MHCstmz0RKkmldWfL4uSdKBFGNDeQLzkBiBddXRRYSy6au-qJLp4h6wtEYEWdsgpAfki55vLytyAlRrU8-RLChivfNq-BahkeD2X5YT9TiSBhX0IRSBXNpu-qz9xm_jGouAhl_CFQHluaPII7RpS-EapjF-3AkNwA3VmKsgHA4oqW4kENrnzQr-WBRiN5_BFV6i9R4T3teCuMHL9Rf92zFX_xnrTO7LZ7hf7pZm9BmLIDevxfmkYyLz35OYhOUtXhuWqp53rIK05ImLCneF-kziDwVyT0ydFziWLu4SjklBTD7970rDdkb9Nnp6tKP9bfKWR2apdNu1Gulw0G2HmWQMWqknG9t78ykh0tEtCimsqRvxK2OrrFz0yWlOQqfi4-RoQ6rdPk4TTlGJuehovX_1n7i6ErVxyIg0tS-kPZrHvOdEIsUiayzH8JCBZLb2R12P3xTWuf_yDvgtRGEYuDtaLBsfG5kYoCarV4adlpBZmzEj2znKZq27Xn7MsBo8qaERluz_3sA5wKfpBDw_y0D57fhrVn-UJaL1Z72eqeW9Kg54QfZEnlfn1L66cDyc9Cc-Jj-pmS2VQuD-cWygWqtvSFi2P4tMiT4Jr0ihw6O05vcyAgljL8T4A3vFmNb1ZBce8VoYMfAMylN0tL7klKP7rAdco1R1vD4Vq9xWM1uzN2QVujc2M-4jgMKDWItqSEiVyy-sVQSa_IDQPED4jX25rDfNzsfaS1xiw0568uOiFttXZT92Dq5NBVP-p4ssF_8_3IHTp5FgoOV6xawfv5_1gBCRNofQo647IQ1Pv0ynQgaIlf85h2Hoqk9BTYeNHUruM7R6RxHrTe1cDyk2IyBLv-3IcralSGOF0ArIW_crnce7wk9HondJw2JPJ5YHuQtuAMQZReQYr0KYA8JpQRvtEKiNraqxf5K8q9dN1UTFw9i8GrRcDEgAUVUo_jvFdXLaWOkLBDz1MGIsb1ll6coTeQfJ5m6o7elG68P80gDx8sZbo2bGiu-h-WUtLa0hH2rNOPjg_4teozQwrrBl54U14mIezqm5_PiL35I5i6cfl9UgtJT3DFIwzrOeh0RfxlpR1Z7kvJDrFKRyzwQsN-olB0KqLcqkkNafa3OJEcm7byn0KypIUiORQRY9GOJzzMGyYiTkWQJ_-LFw4ARpMTjJxJ69qSeAoKLlkv-e3cXHMMgmF85KF7l1EhcTQDRHmIOJvT3nRgzMn4K8I7Uydgx7eS05xrYvSBxgMiZ8NRhiuS2TyldvTi82cAftIETWwFYL0Dui3Ji8AUVaMvRLFfN4zk7lfGnN3mae8c7J2UwQWDM8XeXn4tJ_iqO-AMfVrmPYmMBaeOq1jv2oe3etwnjA8RFcc6xpsfXHYLNGqTUs_F6LmH6mfdeTXL8JfJ4TzgxHYAB7_uFnCB6RVO05OqhsK_ypQskP3uNSn3Y_Z0TH7D7cAr8-jbseszDNHP9ylR5ZcU5TiASb01NPA2g8nKjyOMC-iUbzC6kvR1QvLE0kz5c7xSkrGzRgn9BCw9DoovxziT_mtak6gmf1OlEYw3iKiKfwlyVKkEi3JJS7Vub7b0VF1WLplPJlxwAfiVHN90nYYhL_l4bAXOgHxBAlqroOjxLhtHomIgii1OOqTX86PxHRf1zolRG51ERITFzLuN7timxkA6m5WO-BGFfqwwmQv41Wo0JaanJfuNBzd6yG9Pxaj9CRKZgOfO1e3sWxiAlXvKQZJuauGoWCAu7WZCQG19LAKBaGHbHQlApc20Yk6WUQ_rQmko34W53WY46uQ4BEa_h2L1byhWg6ct4zZMeKdmCEMKhhGyzJETSKQeqM1KguxfUR-4A2z9j1KzMFdYB2wJCDEg7oiaKrfj4VghKSryaFH_Z9grlMHPVx0U6izdlJnGQZXm0Z93rNMlcBrXXcC3z5qTBjs5zsuCyFOvjq189kRrp9ruiiXRwntVuiKc-TEmiJ_yvB74ER9BVN9T_FXP9pILfpbGWscbJkz-VKqlCe0W839pS77RtdYMyUkkrY2wtkSiInOzXn6we60lFzCRiiQBurH1OBuB05nRvJbOryU83sbUneGtDHVFDKLfmewHig1_V5-ioTR03T0teZGfkBIg7EbVLD2j-qwjz00MdJ4nmjdrHPkiaDAtNcQA2xyQIrenRqOiaZHwtPwvIjjcwNniNnM5lUaNsyhap2_iaVc5SqAjGUElRZwElWcZjfQ9FafWIKx0pPBWbEGWnh4biV4iyxR4WdO6sFOpkWIi0JbY4jTh5AnP__Gc7a2N-cQdYbsDJ93ioHU5KkFwGLJXYS6kat2lBjuNN0ywWTN4QokW65DO9ZrxEZKehCd1b_RfGK-XVAM39oVJ8iq2oiQhKu2ZlTF7_rBMB0jwJtLG_wJgSRpmKhwf8zIFfnLUVC3wS1IfOPeu71vlAvuzBxEUxquSvVRp1N30CX_LZFrT3ST2Slz7YAx8Z-9T-TMuMfG2AqAlFDL1yK6iGRseDrE_umhuLPujHaIQ1CxjFXVifxvj5jem5zs6137bXvTRc8-_8luGllDlRItboA5-p4g9kWnQYIRzWWXC_AiWPRZmusQg_bUraDjsw_gHpBTYjLXh4XLlqhqxzAps&cid=CAQSPgDq26N9oy7cc6wWwYOaWPvQyN90iR0zHmXwmAjLp86EXQMWKeVhsHXLzhbfjnXp2OyFGJB1f7fNvzEnwMa3GAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.deseret.com%252F%240

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-7467d3d-a5555407.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ab661e974f5af3f30a3d7ee1e9228a89b1954462dbdc9e4a45e56ea7863ae40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 19:10:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30438
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
45ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022101301&jk=284198215251265&bg=!8POl87fNAAYeOJy_Pjg7ACkAdvg8WhA9mgbmFB1EbpyfSAI1if9ew42OOPtk-9SP_0mkIyXe29ozYAIAAAHuUgAAAAJoAQcKAJqMUXqmn0lE1AXjRG_lb9EWS5-6RcooK40XDtZXTWo4ZnEB1NPadFtPzZUxboxrES2oViNghFXe2hsPXbtKcuAiQ16lV4g5XbAD7Rrl-ckmRLbWV0umxVTkeI4q0bJUTNBsWToG6PR_9bhpYqL2waMg_B-gfDg6maQU_PMrhzkU8d3lvQcaEEeHzh-r5LjlMS8M4iapH4t7ZkQymQKdEXcwSveQ7p6qub5vmJ7UZx82KwQ_d3vUbDBr5msLHN8tSJjXT1Exb14avUAUOGOjf4nGovgy8I9D6lhfHnGvfAuH5Y_mhVt_BVrs5a9oXOEKrvM5cZ-Mig_awHShuaYgUIRlzZSlt4ccoK2iYS5JNweBfxU1rs0RDl_MxD8dSK7DlUNnaiR21zrDmmbeswUFiVUVNvMG0woi6EuMKBZj2XIUWghoIT9Cy19wHUpX9RVPAzRme5AaDkrzNErC2Pcti-p0UyMBzztO6LXhokpu2dx4hru1bHd5NkvRWeAkp6Unu6Pl0WpvTNaeEIy-tsAt0bikWVCaaW5TTYc5Vx4jRlY3a2HOa9HPw9x45eBJyPwUILePv7U6ql4ApRJGmB0KYHTSZYDGY38ZMX1v1mMo439SeRdeEi-affL-MlHfZPftxtjqIRFGsIvfkZEKLNmsJ8eNX47uxjM8AAU1e_09bKYd17grOXf5xUW4o_jktqbHZddaOesXan2iA8_ueN_0aoRco6iRtRmk6IQ3QBp-qLhwsB7hVNGxIhKue8OUsl7PRkhU1Id0_r6vnXeRjNo-EXzUtzcrnokSBZbc2t_dHdLtL4oZfi_w0xwgCDrbX3lr-2CCQxbGwA7gkXP3-iNDriij4YdU4vB_m50kIrO6vbjXQhVULONCQevIo6SEr05rhjkyUM8ntELe3eBDfkc0UMl3gXkShndAI0lrEun4e3aDvwJ5xJncdN6OCE4C8PVPl6OrH5LR3XvPij5GPKSs0M3Af566vR6KAaWQq3yipMHN7fw-gmLax3zuJRWZv2lLZ_mvB4idjHeM0oQZSkNbgfWE-g-Z5jtMy94ruie62sZKJ-6Qv-OQrpv0ntP2Sv7x3NkFGDu1m6KbtnF4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deseret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221017/r20110914/ Frame 8C4B 30 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221017/r20110914/abg_lite.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-7467d3d-a5555407.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 23:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11726
x-xss-protection: 0
server: cafe
etag: 11376305771055881226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 23:58:14 GMT

GET
H2 200 5000322364781516742
s0.2mdn.net/simgad/ Frame 8C4B 19 KB
19 KB 49ms
10ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5000322364781516742

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-7467d3d-a5555407.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

482ac1310526e08c6a82431dbce6b66fa3e988957653c01fc0fde8d3a8265957

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 15:39:27 GMT
x-content-type-options: nosniff
age: 444660
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19236
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 20:00:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 13 Oct 2023 15:39:27 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221017/r20110914/elements/html/ Frame 8C4B 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221017/r20110914/elements/html/omrhp.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-7467d3d-a5555407.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 21:44:14 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8C4B 0
622 B 89ms
57ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIFQ-Llmrj5B4kgpODwPQOE-yifEWjMRBBcWjjAVN-ZfsgfzH9hlEUqZ2R2fKuAWoQglbgaW34xXoQnb6hXU5LVKFC4CDbq_mG0epuL_ABc7fsn0s8geCcWC7Un3B1I_Mla1Dh8wCJmq9TkQ4VjSfpp_wUb2Xj6TjvXKeWIFLn7-YcS-5e95FYeAiNLFK2869IumhEGURIVBAOjSgOpiJndlc00Bv75gGEouSOis6QW8pYtUdRObnsMKWwdTcCgXk-HsXwoEZwZBjZUYrw2HiXiWGxxocLwEXd6AlUOMRC_mYrG97kegMgu07SNTsaAtHxUJ86oxC0SvTQmJQTlfMVSZNMzhHRHqk_7soD6kRjy8iV7_4jLaS7rbyF2iC1pxpCV9IO94ShDVKmRMy7pk2z3cJa68_5nJkyQ9RKft_YMx0S2aLhoTl-hEzrKOeJV5EBYcj0E48pdCDdigHzMnF3Cc6a2ObLlIjDM_ozSB-AhDlQxMAhWQym77_MSl1Woo3SdEc1ZzvN01_LsgXW-b7-W3oX7onCO8jIlf1LzFbt1VpwTIdpTprxSx86E-YxjrXuP4YOAZUtt66-zxcAn_pVBpVce_-KUw-n7gdneaOJHh2ceGC4bDsSBm0Eq7NBbr-LozhYCoXIXbt20qpT2_8c5EkdDIUjdxBZgTOoAezArYPiZm4u6eMhCQsAPJpMwib2D1V8_N3cNtRWU_5tG16wd-BTGxdRT-pfxZM7uLovSzhsQGGPQIBdZn060qvg98gYp069cxXaQOYZTqjoLdNP79_rT26SKSGsJSM8wmr4TKlSwZ_Ip5NzIqexID_qaEXnC4BV4NGIPCaU87SmsO1mzrrTwJRdoGIsM2ZhKPw5efooJbT89eDCPAuGnOh4zezK8BBRzoHuQjyK46vLUBPO6ti3SPmYoRl_nESE5XVc8uN0KVC_Kj3-VeZVjj31yCQaolLuIsyBlSO81mS892MckijUP11BV1IFCvjH0zxtpvKLnale28xnjzHF0xk2QXDuQKGDaDTuCQxt8SUwgFqHdvFV0gJHHFavkFdgrhcGKyZ5akfNiNsP-lVSx40uL9QOD5uN6XZZAsPUQ-CQ7euhQOy9zYAbIC9dfTphs1BThmUB3wFCE4djulqLUCIVRvBLUM4hY-xrN7mHMJWtBSbQJ6Dj9by7ATyPco91PCvTeCc3B2MBv6wyWfL8OrxnocZt49aW_C2Qkjioh9W54KfgvFFtVh6bSinY2Zf3yiWtvK2N6p7Qk1eNuqIXumWktjdP0Q-OERqKRnEu0wEO6abHWWBJcFcNQGiJPyQl&sai=AMfl-YQ7KzG2EDDqFB6YXlWbmAxfRtngtmtCLfXukn_pGNbc8bNaAh0fW_TgmGQRY5G_uMP0BFTI-Lflz79Ls9kaZiHZg2ppUGKY6h9pIJ2xXz4qQAR7IwmaKk309WKwSufFst80i_3J15XPsykstCqeuyimuaoAOJ4nAnVOy_1SW7q3K_5NAnN5SbYz39uXY4_WRPwFsDywU8tTGZEXQ5CcUNri9PG6TttGn1vYoGEW66-Dii3YiuVU1JogbL-gSL_S-ZcJ2kejxidtq5o0_3sx&sig=Cg0ArKJSzBn7mRcCeGILEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221017.39429&adurl=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DJmv8qvMeRXnQz5eGDGZf0xBV5Vsx93zCXBU5xo52dTQrczI4KHSFcC95pWAM522UbOn_JyzHGGutedUkDZS_E6NVbwQ&cry=1&dbm_d=AKAmf-Cv70w3emJBJbZ7SYLSGCt0NsjbwPAKOXVCMUejhAB76bGDswNYpbofoOBfzYpAEX6lVcJ_OccFEPPu_T-F2jQFsrl6qltkJaBwgu-gl_egVOmn7aWA7BMok0goiBaxFj6HMtisz7OroreNrw-P0cej4H3I4ZmGzKpR6YOIkS6bKTvj6MqBjkLzbUgjHiKBf-SxGAGIh8jkNwOaY_3dvdMRZrtq3J-BIasB3GGan3rgEXycg554MGlrsXXXjAh9mBG-thRok1YhkGNsQrgBUQXSA8GhacETcQlKmiUTm8zkao5xF80Tg31zCu_G_ow83P69yc6oQsvB5qsBHNbj_n3j2DNe4ZFFiv-17jV1Ol8L1AucLXyMoEidYoj8EkCjSEIP3tg8ao7MvAREeeq5osDcjx7g4Bos4vVaDu_eNXdjBq2RE0-EZb926eOre6miTqYccssAoXQcAv-x5dyrlfKbbEsRmIUf8LKlLlLTCemOU1sjXEvxloIG-K2IqLidCjA18PNqiFu-ID7xzn951XQT5xy0j6DQk10PP0h5jDeSE8eLduc5Y6e9VqeoYHMrD3epLjScYFBDGL_mVOlWctipbsFI6ZzszoDHkS6AK7ibftxn0Quj0SruTBJCwASv2H3HPCt_osLZUfq2-vioSFwNF1rZMzW310WPGCqiQ9UYtYumLWKhnQRvmJ7Wdg0UqyydEQuvnqVKHOErPM-1yUJj_qAwmJ01z9hJHu17Sso5doNzY0gr7acJOuLrxoo7hlcxgU2UKKjzruza6WY67Hm0ag1WWeM-y671cTL9veY7dMtJ2h2hH_MHCstmz0RKkmldWfL4uSdKBFGNDeQLzkBiBddXRRYSy6au-qJLp4h6wtEYEWdsgpAfki55vLytyAlRrU8-RLChivfNq-BahkeD2X5YT9TiSBhX0IRSBXNpu-qz9xm_jGouAhl_CFQHluaPII7RpS-EapjF-3AkNwA3VmKsgHA4oqW4kENrnzQr-WBRiN5_BFV6i9R4T3teCuMHL9Rf92zFX_xnrTO7LZ7hf7pZm9BmLIDevxfmkYyLz35OYhOUtXhuWqp53rIK05ImLCneF-kziDwVyT0ydFziWLu4SjklBTD7970rDdkb9Nnp6tKP9bfKWR2apdNu1Gulw0G2HmWQMWqknG9t78ykh0tEtCimsqRvxK2OrrFz0yWlOQqfi4-RoQ6rdPk4TTlGJuehovX_1n7i6ErVxyIg0tS-kPZrHvOdEIsUiayzH8JCBZLb2R12P3xTWuf_yDvgtRGEYuDtaLBsfG5kYoCarV4adlpBZmzEj2znKZq27Xn7MsBo8qaERluz_3sA5wKfpBDw_y0D57fhrVn-UJaL1Z72eqeW9Kg54QfZEnlfn1L66cDyc9Cc-Jj-pmS2VQuD-cWygWqtvSFi2P4tMiT4Jr0ihw6O05vcyAgljL8T4A3vFmNb1ZBce8VoYMfAMylN0tL7klKP7rAdco1R1vD4Vq9xWM1uzN2QVujc2M-4jgMKDWItqSEiVyy-sVQSa_IDQPED4jX25rDfNzsfaS1xiw0568uOiFttXZT92Dq5NBVP-p4ssF_8_3IHTp5FgoOV6xawfv5_1gBCRNofQo647IQ1Pv0ynQgaIlf85h2Hoqk9BTYeNHUruM7R6RxHrTe1cDyk2IyBLv-3IcralSGOF0ArIW_crnce7wk9HondJw2JPJ5YHuQtuAMQZReQYr0KYA8JpQRvtEKiNraqxf5K8q9dN1UTFw9i8GrRcDEgAUVUo_jvFdXLaWOkLBDz1MGIsb1ll6coTeQfJ5m6o7elG68P80gDx8sZbo2bGiu-h-WUtLa0hH2rNOPjg_4teozQwrrBl54U14mIezqm5_PiL35I5i6cfl9UgtJT3DFIwzrOeh0RfxlpR1Z7kvJDrFKRyzwQsN-olB0KqLcqkkNafa3OJEcm7byn0KypIUiORQRY9GOJzzMGyYiTkWQJ_-LFw4ARpMTjJxJ69qSeAoKLlkv-e3cXHMMgmF85KF7l1EhcTQDRHmIOJvT3nRgzMn4K8I7Uydgx7eS05xrYvSBxgMiZ8NRhiuS2TyldvTi82cAftIETWwFYL0Dui3Ji8AUVaMvRLFfN4zk7lfGnN3mae8c7J2UwQWDM8XeXn4tJ_iqO-AMfVrmPYmMBaeOq1jv2oe3etwnjA8RFcc6xpsfXHYLNGqTUs_F6LmH6mfdeTXL8JfJ4TzgxHYAB7_uFnCB6RVO05OqhsK_ypQskP3uNSn3Y_Z0TH7D7cAr8-jbseszDNHP9ylR5ZcU5TiASb01NPA2g8nKjyOMC-iUbzC6kvR1QvLE0kz5c7xSkrGzRgn9BCw9DoovxziT_mtak6gmf1OlEYw3iKiKfwlyVKkEi3JJS7Vub7b0VF1WLplPJlxwAfiVHN90nYYhL_l4bAXOgHxBAlqroOjxLhtHomIgii1OOqTX86PxHRf1zolRG51ERITFzLuN7timxkA6m5WO-BGFfqwwmQv41Wo0JaanJfuNBzd6yG9Pxaj9CRKZgOfO1e3sWxiAlXvKQZJuauGoWCAu7WZCQG19LAKBaGHbHQlApc20Yk6WUQ_rQmko34W53WY46uQ4BEa_h2L1byhWg6ct4zZMeKdmCEMKhhGyzJETSKQeqM1KguxfUR-4A2z9j1KzMFdYB2wJCDEg7oiaKrfj4VghKSryaFH_Z9grlMHPVx0U6izdlJnGQZXm0Z93rNMlcBrXXcC3z5qTBjs5zsuCyFOvjq189kRrp9ruiiXRwntVuiKc-TEmiJ_yvB74ER9BVN9T_FXP9pILfpbGWscbJkz-VKqlCe0W839pS77RtdYMyUkkrY2wtkSiInOzXn6we60lFzCRiiQBurH1OBuB05nRvJbOryU83sbUneGtDHVFDKLfmewHig1_V5-ioTR03T0teZGfkBIg7EbVLD2j-qwjz00MdJ4nmjdrHPkiaDAtNcQA2xyQIrenRqOiaZHwtPwvIjjcwNniNnM5lUaNsyhap2_iaVc5SqAjGUElRZwElWcZjfQ9FafWIKx0pPBWbEGWnh4biV4iyxR4WdO6sFOpkWIi0JbY4jTh5AnP__Gc7a2N-cQdYbsDJ93ioHU5KkFwGLJXYS6kat2lBjuNN0ywWTN4QokW65DO9ZrxEZKehCd1b_RfGK-XVAM39oVJ8iq2oiQhKu2ZlTF7_rBMB0jwJtLG_wJgSRpmKhwf8zIFfnLUVC3wS1IfOPeu71vlAvuzBxEUxquSvVRp1N30CX_LZFrT3ST2Slz7YAx8Z-9T-TMuMfG2AqAlFDL1yK6iGRseDrE_umhuLPujHaIQ1CxjFXVifxvj5jem5zs6137bXvTRc8-_8luGllDlRItboA5-p4g9kWnQYIRzWWXC_AiWPRZmusQg_bUraDjsw_gHpBTYjLXh4XLlqhqxzAps&cid=CAQSPgDq26N9oy7cc6wWwYOaWPvQyN90iR0zHmXwmAjLp86EXQMWKeVhsHXLzhbfjnXp2OyFGJB1f7fNvzEnwMa3GAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.deseret.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Oct 2022 19:10:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8C4B 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-7467d3d-a5555407.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:48:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4939
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 17:48:08 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8EC4 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-7467d3d-a5555407.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 520461
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 18:36:06 GMT
expires: Thu, 12 Oct 2023 18:36:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8C4B 206 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2558f9f73bee4680ce79e097bbabcd2ec6cd630519233a33703fb56103946dc3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js Show response
pagead2.googlesyndication.com/bg/ Frame 8EC4 36 KB
16 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15922
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 18:08:47 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8C4B 0
63 B 44ms
44ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:10:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8EC4 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXvGjI_pOY7e7CpCY-gaS56bIBgAAAAA4AeAEAg&bg=!9Pel97PNAAYeOJy_Pjg7ACkAdvg8WupyDTSA5t7Hp8rGUGfIWdwJJNM-EBpWtdAXGeJtH9tKTQYKOAIAAABMUgAAAAJoAQeZAukZnRFqzK8BFy1NtjM9cfkh8iWq2vro2DEkQiV2nR2F5XJvxRf4G9Zkfna6Vj8B5Nhjn4gMvRzR7reAnb65RgKzKr__Jb4_2crh_DXaSE0IPVQTKhwG5RI8aww5U0dxm81gqRjnShNLUzfD-Nihjxw--Gdml_Yrbg1FaU5WXfOzgeEEKlfgS9XOlMaWn0X9L0tzvivo3pXymDvXQ2a2jTRhkC709pPEnCaEWtvHG-GeDKEvuvP6eUZeNV7hpBFD35_X3eHLRli85TmV1optvxAL4Buqw4OyEcdejp1sgJR5ELgATWI11klIwO94jpQl85uMq09O7c_HWELxS5YK5vmWUfScW8z7L5HBtlpluTSWHqKqZSYmN1db9Cqzu6SozqilS19dLjL2dVa3VA9FDsUvRno7hYNyVXeaZWqAh2w--OCEJ5VqkYA473HdeQNgKtXBcPAJAkmFYqDOt0-y-UPCoxJx3UZmUzge_IXXMSk1LXeKdJ1uA73bcVVExJ0dZNBER-ubzNKifK9-xnmVPsKp03HnNRxMU8MVyMYvhhxdC_MKOuGhYhB8kzPMPpL-pjGw_LfVRPHoAZ0BVzS72hLq2hi1e7GTxmDqYCq808KX5TtPlxLb-j-tKn9C0c0ADIdkUPbjRCIcC7J81Ug0V-YVGWfpRt-3En9o747sYr5fzmNEvgbHs81dI6zvE-zxKKW3lmTg7VPyVlIr6Kt2SyVkM5mnqIRk6SCaNsoP5YSzswcg_EKMrJ0BSWU2DCNmH36gJl6oZIanjwnFe6ya4RKnPqVzgvKd-cncm7ocVonxTCnRA_0Qi72URc-fLCuWyDiqYh0jqVetY9HzFO81KMTxF5hTqZBiaOEUoPSt0TMJXP4w5d_SPgTgbfyaVDCN-jCIeZDHAN2PeYy7xhKwS1yOprELEJ6ujpQy9c4vi6cMzrHTNCAno7XYA-EZ5PZp7p8y-4OYuDrNm4jguLsunmdgk5D4KqV3JBib

Requested by

Host: 109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
URL: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 19:10:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame B10C 20 KB
21 KB 34ms
10ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:33:43 GMT
x-content-type-options: nosniff
age: 337006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 21:33:43 GMT

GET
H3 200 gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js Show response
pagead2.googlesyndication.com/bg/ Frame 0DD8 36 KB
16 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-7467d3d-a5555407.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15922
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 18:08:47 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B10C 42 B
64 B 68ms
50ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUSnfJlTXxymqLeZcsqlZOab0mVsoChlG0waAVuTBkwfOYY-KQeTJrH_Eh_pXthk43nddn50cZPv4rUb5uduZYoCrZvF4BNFn76QI7vp0NXB4PxNBxxS2uWCuvao0_62IbU0Gf_-A&sai=AMfl-YSlppw72JnFrIE51RWonBqLwodfsYfimOJzaCNesTbcuRZZ8HoBUpWBEodJCs1TqDiFzuYfWDQzEI5E1ucEd9XSExuZmDN87q4oSGGRvKB0f-e3bM8ZRQgbIP_yxuB-gg&sig=Cg0ArKJSzMU8Hu1-ju0iEAE&cid=CAQSPgDq26N9oy7cc6wWwYOaWPvQyN90iR0zHmXwmAjLp86EXQMWKeVhsHXLzhbfjnXp2OyFGJB1f7fNvzEnwMa3GAEgDg&id=lidar2&mcvt=1000&p=353,315,603,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1321699649&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666120226194&rpt=3133&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 19:10:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.deseret.com/	1970-01-20 08:58:16	Name: _fbp Value: fb.1.1666120225105.395376082
.deseret.com/	1970-01-20 06:48:42	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.deseret.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1666120225596%2C%22slts%22:0}
.deseret.com/	1970-01-20 16:18:04	Name: _parsely_visitor Value: {%22id%22:%22pid=c229387aade996e0495918b1c844de67%22%2C%22session_count%22:1%2C%22last_session_ts%22:1666120225596}
.deseret.com/	1970-01-20 16:24:40	Name: _ga Value: GA1.2.1912283711.1666120225
.deseret.com/	1970-01-20 06:50:06	Name: _gid Value: GA1.2.1069465921.1666120226
.deseret.com/	1970-01-20 06:48:40	Name: _gat_UA-25484401-1 Value: 1
.deseret.com/	1970-01-20 16:10:16	Name: __gads Value: ID=12ac4057c45903fc-22a238b121d60006:T=1666120225:S=ALNI_MazZrIh6ZABr_sBsYvvQRTIhOZ_ZA
.deseret.com/	1970-01-20 16:10:16	Name: __gpi Value: UID=00000b12cd86bcfa:T=1666120225:RT=1666120225:S=ALNI_MZcfCnPNeE1RP5ursd1qSIX9Nq4Yw
.doubleclick.net/	1970-01-20 16:10:16	Name: IDE Value: AHWqTUnI3w5prizwb7S6n6Bpkdwe2jA15OUGwRegOkg34cvnfjw3jQKlh9TRnO54wnw

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://uploads.deseret.com/files/deseret-news/newsBanner.json Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://www.deseret.com/ Message: The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Regular.409a2ac6bc1aa08eb312bd751e5b8f40.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.deseret.com/ Message: The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Bold.8cb714e2e55e898768c36431818db72f.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.deseret.com/ Message: The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Roman.7d4d83ea55695b66b9beb992fadfb14b.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.deseret.com/ Message: The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Condensed_Medium.93a6c93a1977e45c6c8110ece8b4b5d0.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.deseret.com/ Message: The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Condensed_Medium.bb363d55467296410f913b84056528f9.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.deseret.com/ Message: The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Bold.5151938f16d42d400f1b1b6cf8ce28b0.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.deseret.com/ Message: The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Roman.a3e2828fcd9d3b031c3d3e07aea3d55e.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.deseret.com/ Message: The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Bold.401d3b047965b9833f0ef9a4299972b2.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.deseret.com/ Message: The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Bold.d49a5ce3e771acb6ef7780dfb8628852.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.deseret.com/ Message: The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Display_Bold.26cefedcab11054b85987ff2f992a2c5.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.deseret.com/ Message: The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Italic.1852359a620808c5c15d4adc10b281d9.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.deseret.com/ Message: The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Display_Bold.3ae2bb4526d6e998f6f95c1227253d91.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.deseret.com/ Message: The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Italic.9f7066049b8a07ca0e905ba46c8645f4.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.deseret.com/ Message: The resource https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Regular.a86565d35df3a9fb1e50b963cbf97a13.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

109ed21568a6cc1deb3a39a96af9baea.safeframe.googlesyndication.com
aax-dtb-cf.amazon-adsystem.com
adservice.google.com
adservice.google.de
ams-pageview-public.s3.amazonaws.com
c.amazon-adsystem.com
cdn.id5-sync.com
cdn.parsely.com
connect.facebook.net
deseret.brightspotcdn.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
htlbid.com
id5-sync.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
p.typekit.net
p1.parsely.com
pagead2.googlesyndication.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tagan.adlightning.com
tpc.googlesyndication.com
uploads.deseret.com
use.typekit.net
www.deseret.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
13.32.27.47
13.35.253.90
141.95.98.65
141.95.98.70
142.250.186.130
143.204.215.15
143.204.215.23
143.204.215.86
143.204.94.230
2001:41d0:701:1000::31ee
2606:4700:10::6816:3456
2606:4700::6811:fc66
2a00:1450:4001:800::2002
2a00:1450:4001:800::200e
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:813::200e
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2003
2a00:1450:4001:830::2006
2a00:1450:4001:831::2001
2a00:1450:400c:c08::9c
2a02:26f0:3500:16::215:148b
2a02:26f0:480:f::213:7ec6
2a03:2880:f050:f:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.216.106.35
54.155.18.159
65.9.61.60
65.9.66.17
05c1c8df64358f81c20540cad1eb3f419a3e109ba40adc8a8cde75e6e8af32d5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
0979ac9e43fdef095ab1f367fc9df0b5acfdd2792a3999de7dace65991f2202e
0a8413f6a3ed41a0c8fda27a9f2053a7e0163afbff1a075607880d674c8ddaf8
0ad4ced2e2bbc29fed11f3705beb28710249aba5d91b852c4d43c9fd425ceb66
10fb34f53bd633989a89e1078a012e7b5bc3b7f87f5c0b890f3be37ec3d0b0ab
120115620c9096aa98d241b6291361e222c40b94c48dbb4ca351e9dc93542b3b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
130b6040df08a909b7b195a425dc9aa25d35ce960496a565c463de9bac32f547
13445ee05df55dc76c54059d73ae5077c4d08a7fd52c8dcb68e55b5b26ff2c78
13cf20ab39f2ee3b1029137d2f0bc18158f3414cc77af987c091aa6b2438b769
16eb3534055e2d58d7a4d02d4e40e5b04274ea3f490a343ba2be6572f65655eb
18219135cda2251da914bbcac6c3b938506170cb1c8c80b6cca0341721b3d28b
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
1af2148d7bd5e2a0c9ddc1c5b9ff072996852f4f11ebc19695ba4ee08ddb9c4a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2558f9f73bee4680ce79e097bbabcd2ec6cd630519233a33703fb56103946dc3
26af86c46f4ca4148c9533580203149749128d303a9efd78497913255e810890
272c2da0b209e207dd15ce0b6d0d76354903205320cbdab33801f57ee66df91b
2f0b2df67130c20d3f75e473ccf941fc8fea7c029d15adf044af4df143c45b2c
319a730db58e06a377245abe813a053356fb0e032768ed9e3b3eed83060ee624
320fb734642177c9fb0e0c55a3e2db2b6a45281fbe4af78a7bfaf98a200d1464
351ba2ac20d28ffadb1115a6dd19d3a789cbd9d30d88630ca6d0a9a7fa6122d9
36b2007c0fe0a0f968bd49d1d050bd46989db93585b00b39df19ffa3e164047f
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
3eb297ffdf53bb834657f62d1f1493bb14d335faba21eb0dfd53216d4b18ffea
3ee30b7a169382cdd8a484dea16bfaabaac242cb236c8aa87ef1e9a20c6cdc30
45876440482b8fd5869a0b104e36f7c6352417faf489b6e444cdca1f83357140
46b48eb8786ffe5ca70dd032063c21f0a33992166035a3f3c5173fad5968a073
482ac1310526e08c6a82431dbce6b66fa3e988957653c01fc0fde8d3a8265957
4a1cda636c0c061bd9bf1e12db9009ea26e6160f46a766c30e17ab3a72f4cc58
4ad12603989e23ddf239f228255bcffc77fb8e9503829993b6d01c80cddd8d3f
4c98415225e2d798f63c5cf293cecc7e25003e2bfdd5c36a15131e481377d3a5
4cfd5c388c86048d67802008edc7dc2fc1d5303c7f621db126f7704e6c6d2143
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5349a63b98e640816a804bd41c5bd2a63344a8af7449bdf58112b702f2e85dd4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5a8371880a9712fc3daf07e8bcd965e1fbcb28b36a6a3798c15a1d0b91a0901f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
66f0dc601980210348b662950393979dddd60cd7d71deec55d52d33dba6480bd
69ad3aa28d82aca629d5970eb80b68d85111d458e08fe3eae014ed8cc509637a
6b581d4fb6e47f84d39a3fd29e36c1343cd2ffd8fd1f468fd4f88889b3880c49
6d5aeb863142a8ddac2ae6d950ad4995d72ecb88e8657e7d9c505459dc930ba7
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
717820a550d429da3163782fa5c5cf06ba7c9913ac264d0bfd0abaabac379af1
73667dde0a59b52b3e17b0d5641ec93a10bde180b1a0029250c2690c78b1dd9f
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
786f4aba7b5cf8414efaad94e55aad72383092d11d521079fec2f867a07ecbd7
78738e72304932ad9078a67a2c418eb850ec8d50f07fb1b95b7045be24b6a845
7be8d23faf8e20f95b11c1a6b936f8e7fab5edfe166294fa5cbddd5f4aee8dbc
7f70aad56375a364a2211b837d5bd73bdce3e449fab5710e41bb9458e161091a
8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091
81a2b2aa152e77eb58b88a7896e5dc3c66b6a3e58e56220a81a9fb17797ffafc
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ab661e974f5af3f30a3d7ee1e9228a89b1954462dbdc9e4a45e56ea7863ae40
8e1526da8f25d1beb20238eb04e99aaf13e4a77c2b534d246229fb7eceadaeda
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d
92ef21bce8ccac8db0f5547310ba31ea552ca77ad34a60a12c88229f3d95cd77
96f1bf7e1c0ac4c3310832746a1a8887970155a1de90935c488b05a0c2c73c1e
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99eae70473ab18cc09d6bf979d967fd959f45f36e40447f22f603232e5a073e6
9f7845baf48f3b8c34aad7cdfabdbde46cdefcd61f5843bb8e485ecd17b35381
a09d02e6d88797dbde0e92bbca6e534dbe41f4add18f56f2e10ab3ae98dca0a6
a1b4c733d93929cbd2a66b012265928653e4c75a9abaf06bfec93c85dfeb83a8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5e1453f994702244f9afece21359693f4e380f75755967017e3ea8b7a50c2ec
a6d8efcec4beb19fdcb6e14e5ae504451a3d846afe70c26c79825c9b9121a9be
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a95d7230e92fa3f5e49d0a98b70db47eca288aa80c32e7aa463fbf0887ed6648
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
aeac3df5ca446725ac4a984ed4b6172c3b3b1cec23d70cc45ec546863f792264
afac353253200fd5c11c9686fe57c91a7848c0fa83f019361dae73f283fa1129
b297a9b9880e89c8a160d162f84548753b0a5b2670073acfaf201588a394fd7a
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b447bd6ec984d15bef59c5f0ca47234bfe29a9232e823395c39c43144553718e
b4ea7efa0e6a4614c57741f207f8a1b70aa914db2308cc670c627b309fd6f66d
b8b231c91771d486e50cf5faf4839ddda6d7d54d45c8c149f91149cebd208c54
bcc5776e9fae4fdacc876c8fec1a448df437dbcb9c79920384bd88d8cebb3869
ce164089c85ffe5ede15b2080ce0f3de4700c9a8781f9a35b8a77cd4e0ef152c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfce9a22e317cb5c83fa53a9627b91b717cdc9c554e6ce6f0d8114219285fae4
d0de57420f31e678e098c665477c3db1a55635f6f6f5d064ff6fc2a39b0a85b6
d2dcf4e292cf679e2c8530bc37a6f23979b184ba573845ddbb1e9d595a554227
d37a519f3a04fe4c01c920f2ba0cf85283ebd419b5d101a606c5ee2b33f19b35
d4cf51f1f32eb92006790b3fbf068aa00b4c8043c20c2fc96ad3ae1bdbbb85c2
da93a0e7099150f0d5f627266768b0c8b9979e567ddfb577d1785595aebe99b8
dbbde8bc08d79afd5f6973ecda299a8a57461e77e02545c6c2f188ef0ea1063e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df95c359e3559c219087fcb7d390b577cbd6577c0338d18644bd275149c62a86
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87
e524d44843e7d1c9ec644402f6d3c2b74655676f373b5c1338807c11afc2325e
e70ac0a9a238942d8a56dff8d09641460befff48e22876f5ce9023b3409fd331
e8ec347230f08126775e096cbc50c88aee366c466425174ceb17c6d383dd1731
eabb880277c8644d8b8d3134cc8649109692ee1d1d4ca460374dd7cd97c9271b
eb6d8677f4fe82deb229a4a4123c46c3378a92cf5e17f4844dcf430dd1ff6b45
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6b40e219061cb4aa32dd17bd8a6c577c61f6da2700585d49b7c0034526ea90
f2a94eb1d42e17433281e0b974340f4d2efc5ef5033d0d4af074a96012c6ba1d
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f3e1d573601ec8fc04b7410e8593284ffce7fbcc2148ce3070349b6218a40d1f
fa16b740e4d2f2fc389f5a4cb8e1dcdfcd329621eb83528238eca02b0d848d6f
fb0937c8795554e0837a02e3c17fc431c8665d70b631fd4bc285e8c10e5e22a6
fb2246037b7c84a2096f617ae008b038013355145fe825a5edb76706d65bee82

www.deseret.com Open in urlscan Pro 143.204.215.86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

130 Requests

99 %HTTPS

68 %IPv6

23 Domains

41 Subdomains

41 IPs

5 Countries

3201 kBTransfer

6479 kBSize

9 Cookies

19 Outgoing links

Page URL History

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.deseret.com Open in urlscan Pro
143.204.215.86 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

99 %
HTTPS

68 %
IPv6

23
Domains

41
Subdomains

41
IPs

5
Countries

3201 kB
Transfer

6479 kB
Size

9
Cookies

130 HTTP transactions
9 data transactions