www.fox13now.com Open in urlscan Pro
52.85.96.112 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://link.3blmedia.com/ls/click?upn=U6uMdUiGorMQswyq-2F5baTwCBibBlu6OtFX21bUcYfyAOFzGUJsAoTJVS0nR11eS2XCu1E3imeLB-2F-2F...
Effective URL:
https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Submission: On September 06 via manual (September 6th 2022, 1:56:59 pm UTC) from IN — Scanned from DE

Summary HTTP 295 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 66 IPs in 8 countries across 54 domains to perform 295 HTTP transactions. The main IP is 52.85.96.112, located in United States and belongs to AMAZON-02, US. The main domain is www.fox13now.com. The Cisco Umbrella rank of the primary domain is 363375.
TLS certificate: Issued by Amazon on February 17th 2022. Valid for: a year.

This is the only time www.fox13now.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.56 167.89.115.56	11377 (SENDGRID) (SENDGRID)
6	52.85.96.112 52.85.96.112	16509 (AMAZON-02) (AMAZON-02)
7	108.138.17.13 108.138.17.13	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:218... 2600:9000:218e:2200:13:a391:88c0:21	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a02:26f0:10e... 2a02:26f0:10e::6860:5bb2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700:303... 2606:4700:3032::ac43:a9f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	184.51.9.223 184.51.9.223	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.122.58 18.66.122.58	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3030::6815:251b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	18.66.23.213 18.66.23.213	16509 (AMAZON-02) (AMAZON-02)
2	2.21.184.22 2.21.184.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.75.240.210 23.75.240.210	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:10e... 2a02:26f0:10e::6860:5bb9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	34.160.158.95 34.160.158.95	15169 (GOOGLE) (GOOGLE)
1	13.32.2.61 13.32.2.61	16509 (AMAZON-02) (AMAZON-02)
1 21	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
2	13.32.121.46 13.32.121.46	16509 (AMAZON-02) (AMAZON-02)
1	23.35.229.181 23.35.229.181	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	99.86.240.98 99.86.240.98	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:374	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223e:7600:1a:ba5c:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.17.99.225 52.17.99.225	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206e:4e00:10:618e:d880:93a1	16509 (AMAZON-02) (AMAZON-02)
2	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
11	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2600:1f18:e8a... 2600:1f18:e8a:cd08:3437:aff5:50c:d298	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
4	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
2	18.158.192.160 18.158.192.160	16509 (AMAZON-02) (AMAZON-02)
2	2a02:fa8:8806... 2a02:fa8:8806:20::2100	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 5	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
3	3.248.153.68 3.248.153.68	16509 (AMAZON-02) (AMAZON-02)
3	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
6	63.35.80.4 63.35.80.4	16509 (AMAZON-02) (AMAZON-02)
2	159.89.246.130 159.89.246.130	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
8	70.42.32.31 70.42.32.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
6	18.219.108.29 18.219.108.29	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	18.195.227.5 18.195.227.5	16509 (AMAZON-02) (AMAZON-02)
3 4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2 4	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	23.54.109.149 23.54.109.149	() ()
2	76.223.111.18 76.223.111.18	() ()
2	13.32.99.50 13.32.99.50	() ()
2	18.66.97.79 18.66.97.79	() ()
2	23.35.236.188 23.35.236.188	() ()
1	141.95.98.71 141.95.98.71	() ()
4	23.35.236.201 23.35.236.201	() ()
2	69.173.144.138 69.173.144.138	() ()
295	66

1 167.89.115.56 (Herndon, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x56.outbound-mail.sendgrid.net

link.3blmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.85.96.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-96-112.pmo50.r.cloudfront.net

www.fox13now.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 108.138.17.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-13.fra56.r.cloudfront.net

ewscripps.brightspotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:218e:2200:13:a391:88c0:21 (United States)

ASN16509 (AMAZON-02, US)

d3plfjw9uod7ab.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:10e::6860:5bb2 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3032::ac43:a9f7 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 184.51.9.223 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-223.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-58.fra60.r.cloudfront.net

assets.scrippsdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3030::6815:251b (United States)

ASN13335 (CLOUDFLARENET, US)

analyticssystems.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.23.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-23-213.vie50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.184.22 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-184-22.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.75.240.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10e::6860:5bb9 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.158.95 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 95.158.160.34.bc.googleusercontent.com

aswpsdkus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.2.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-2-61.vie50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 151.101.66.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lit.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-46.fra60.r.cloudfront.net

api.ewscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.229.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-181.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.240.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-98.vie50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:374 (United States)

ASN13335 (CLOUDFLARENET, US)

tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:7600:1a:ba5c:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

rock.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:4e00:10:618e:d880:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.ewscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c21lg-d.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd08:3437:aff5:50c:d298 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

flint.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

ewscripps-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.192.160 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-192-160.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.248.153.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-153-68.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 63.35.80.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-80-4.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

ins.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.219.108.29 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-219-108-29.us-east-2.compute.amazonaws.com

capi-tier-1-us-east-2.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.195.227.5 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-227-5.eu-central-1.compute.amazonaws.com

prebid-a.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.19.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.54.109.149 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (None, )

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.50 (None, )

ASN- ()

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.79 (None, )

ASN- ()

sync.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.188 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.71 (None, )

ASN- ()

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.236.201 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (None, )

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	connatix.com 1 redirects cd.connatix.com — Cisco Umbrella Rank: 4881 cds.connatix.com — Cisco Umbrella Rank: 5200 capi.connatix.com — Cisco Umbrella Rank: 5280 lit.connatix.com — Cisco Umbrella Rank: 13199 ins.connatix.com — Cisco Umbrella Rank: 6875 capi-tier-1-us-east-2.connatix.com — Cisco Umbrella Rank: 5506 vid.connatix.com — Cisco Umbrella Rank: 6241 img.connatix.com — Cisco Umbrella Rank: 5932	453 KB
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 174	452 KB
22	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226 stats.g.doubleclick.net — Cisco Umbrella Rank: 188 googleads.g.doubleclick.net — Cisco Umbrella Rank: 73 cm.g.doubleclick.net — Cisco Umbrella Rank: 303 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 373	224 KB
19	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 350	161 KB
10	rubiconproject.com ads.rubiconproject.com — Cisco Umbrella Rank: 3332 fastlane.rubiconproject.com — Cisco Umbrella Rank: 694 prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3730 eus.rubiconproject.com pixel.rubiconproject.com	117 KB
9	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 4265 log.outbrainimg.com — Cisco Umbrella Rank: 2588	3 KB
8	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1474 widget-pixels.outbrain.com — Cisco Umbrella Rank: 3337 odb.outbrain.com — Cisco Umbrella Rank: 1813 mv.outbrain.com — Cisco Umbrella Rank: 2878	103 KB
7	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 329 acdn.adnxs.com	17 KB
7	google.com www.google.com — Cisco Umbrella Rank: 19 adservice.google.com — Cisco Umbrella Rank: 142	2 KB
7	brightspotcdn.com ewscripps.brightspotcdn.com — Cisco Umbrella Rank: 53919	385 KB
6	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 2095	3 KB
6	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 362	48 KB
6	typekit.net use.typekit.net — Cisco Umbrella Rank: 1044 p.typekit.net — Cisco Umbrella Rank: 1273	69 KB
6	fox13now.com www.fox13now.com — Cisco Umbrella Rank: 363375	335 KB
5	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 2750 public.servenobid.com	10 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	21 KB
4	pubmatic.com ads.pubmatic.com
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 904 ssum-sec.casalemedia.com Failed	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 234	176 KB
4	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 456	743 KB
4	serverbid.com e.serverbid.com — Cisco Umbrella Rank: 4936 sync.serverbid.com x.serverbid.com Failed	4 KB
4	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 863 eb2.3lift.com	1 KB
4	openx.net ewscripps-d.openx.net — Cisco Umbrella Rank: 81044 u.openx.net rtb.openx.net Failed	695 B
4	media.net hbx.media.net — Cisco Umbrella Rank: 2510 hblg.media.net — Cisco Umbrella Rank: 2614 c21lg-d.media.net — Cisco Umbrella Rank: 3461	113 KB
4	analyticssystems.net analyticssystems.net — Cisco Umbrella Rank: 18324	2 KB
4	cloudfront.net d3plfjw9uod7ab.cloudfront.net	100 KB
3	yahoo.com c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1492 ups.analytics.yahoo.com Failed	478 B
3	defybrick.com rock.defybrick.com — Cisco Umbrella Rank: 11003 flint.defybrick.com — Cisco Umbrella Rank: 9866	20 KB
3	ewscloud.com api.ewscloud.com — Cisco Umbrella Rank: 75009 static.ewscloud.com — Cisco Umbrella Rank: 99701	8 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1565	132 KB
2	dotomi.com web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3176	971 B
2	google.de www.google.de — Cisco Umbrella Rank: 3469 adservice.google.de — Cisco Umbrella Rank: 5202	1 KB
2	tru.am tru.am — Cisco Umbrella Rank: 6936	12 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 223	2 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 4001 p1.parsely.com — Cisco Umbrella Rank: 3342	24 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 208	87 KB
2	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 730	8 KB
1	id5-sync.com id5-sync.com	1 KB
1	aswpsdkus.com aswpsdkus.com — Cisco Umbrella Rank: 7186	42 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	46 KB
1	scrippsdigital.com assets.scrippsdigital.com — Cisco Umbrella Rank: 69823	4 KB
1	3blmedia.com 1 redirects link.3blmedia.com	292 B
0	advertising.com Failed pixel.advertising.com Failed
0	emxdgt.com Failed cs.emxdgt.com Failed
0	adsrvr.org Failed match.adsrvr.org Failed
0	disqus.com Failed ssp.disqus.com Failed
0	sonobi.com Failed sync.go.sonobi.com Failed
0	rfihub.com Failed p.rfihub.com Failed
0	1rx.io Failed sync.1rx.io Failed
0	yieldlift.com Failed x.yieldlift.com Failed
0	lijit.com Failed ce.lijit.com Failed ap.lijit.com Failed
0	smartadserver.com Failed ssbsync.smartadserver.com Failed
0	onetag-sys.com Failed onetag-sys.com Failed
0	33across.com Failed ssc.33across.com Failed ssc-cms.33across.com Failed
295	54

	Domain	Requested by
19	s0.2mdn.net	imasdk.googleapis.com www.fox13now.com s0.2mdn.net
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net d3plfjw9uod7ab.cloudfront.net 2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com tpc.googlesyndication.com
11	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
11	securepubads.g.doubleclick.net	www.fox13now.com d3plfjw9uod7ab.cloudfront.net securepubads.g.doubleclick.net www.googletagservices.com
9	vid.connatix.com	cd.connatix.com www.fox13now.com
8	log.outbrainimg.com	widgets.outbrain.com
7	ewscripps.brightspotcdn.com	www.fox13now.com
6	img.connatix.com	www.fox13now.com
6	capi-tier-1-us-east-2.connatix.com	cd.connatix.com
6	g2.gumgum.com	ads.rubiconproject.com public.servenobid.com
6	www.google.com	www.fox13now.com securepubads.g.doubleclick.net d3plfjw9uod7ab.cloudfront.net 2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com
6	c.amazon-adsystem.com	www.fox13now.com c.amazon-adsystem.com
6	www.fox13now.com	www.fox13now.com ewscripps.brightspotcdn.com
5	ib.adnxs.com	2 redirects ads.rubiconproject.com googleads.g.doubleclick.net public.servenobid.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.fox13now.com
5	widgets.outbrain.com	www.fox13now.com d3plfjw9uod7ab.cloudfront.net
5	use.typekit.net	www.fox13now.com use.typekit.net
4	ads.pubmatic.com	public.servenobid.com sync.serverbid.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	prebid-a.rubiconproject.com	ads.rubiconproject.com
4	www.googletagservices.com	securepubads.g.doubleclick.net 2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com
4	imasdk.googleapis.com	cd.connatix.com imasdk.googleapis.com
4	analyticssystems.net	www.fox13now.com 2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com
4	d3plfjw9uod7ab.cloudfront.net	www.fox13now.com securepubads.g.doubleclick.net 2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com
3	c2shb.ssp.yahoo.com	ads.rubiconproject.com
3	ads.servenobid.com	ads.rubiconproject.com public.servenobid.com
3	stats.g.doubleclick.net	www.google-analytics.com
3	cds.connatix.com	www.fox13now.com cd.connatix.com d3plfjw9uod7ab.cloudfront.net
3	use.fontawesome.com	www.fox13now.com use.fontawesome.com
2	pixel.rubiconproject.com	public.servenobid.com
2	acdn.adnxs.com	ads.rubiconproject.com
2	sync.serverbid.com	ads.rubiconproject.com
2	public.servenobid.com	ads.rubiconproject.com
2	eb2.3lift.com	ads.rubiconproject.com
2	u.openx.net	ads.rubiconproject.com
2	googleads4.g.doubleclick.net	www.fox13now.com
2	googleads.g.doubleclick.net	2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com www.fox13now.com
2	2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com	securepubads.g.doubleclick.net d3plfjw9uod7ab.cloudfront.net
2	e.serverbid.com	ads.rubiconproject.com
2	web.hb.ad.cpe.dotomi.com	ads.rubiconproject.com
2	tlx.3lift.com	ads.rubiconproject.com
2	fastlane.rubiconproject.com	ads.rubiconproject.com
2	ewscripps-d.openx.net	ads.rubiconproject.com
2	flint.defybrick.com	d3plfjw9uod7ab.cloudfront.net www.fox13now.com
2	tru.am	www.googletagmanager.com tru.am
2	sb.scorecardresearch.com	www.fox13now.com
2	api.ewscloud.com	ewscripps.brightspotcdn.com
2	connect.facebook.net	www.fox13now.com connect.facebook.net
2	hbx.media.net	d3plfjw9uod7ab.cloudfront.net hbx.media.net
2	cdn.cookielaw.org	www.fox13now.com cdn.cookielaw.org
1	id5-sync.com
1	eus.rubiconproject.com	ads.rubiconproject.com public.servenobid.com
1	adservice.google.com	d3plfjw9uod7ab.cloudfront.net
1	adservice.google.de	d3plfjw9uod7ab.cloudfront.net
1	c21lg-d.media.net	hbx.media.net
1	mv.outbrain.com	d3plfjw9uod7ab.cloudfront.net
1	ins.connatix.com	cd.connatix.com
1	lit.connatix.com	cd.connatix.com
1	odb.outbrain.com	d3plfjw9uod7ab.cloudfront.net
1	capi.connatix.com	cd.connatix.com
1	www.google.de	www.fox13now.com
1	hblg.media.net	www.fox13now.com
1	static.ewscloud.com	www.fox13now.com
1	p1.parsely.com	www.fox13now.com
1	rock.defybrick.com	d3plfjw9uod7ab.cloudfront.net
1	widget-pixels.outbrain.com	www.fox13now.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	cd.connatix.com	1 redirects
1	cdn.parsely.com	www.fox13now.com
1	aswpsdkus.com	d3plfjw9uod7ab.cloudfront.net
1	p.typekit.net	use.typekit.net
1	ads.rubiconproject.com	d3plfjw9uod7ab.cloudfront.net
1	www.googletagmanager.com	www.fox13now.com
1	assets.scrippsdigital.com	www.fox13now.com
1	link.3blmedia.com	1 redirects
0	pixel.advertising.com Failed	sync.serverbid.com
0	x.serverbid.com Failed	sync.serverbid.com
0	rtb.openx.net Failed	sync.serverbid.com
0	cs.emxdgt.com Failed	sync.serverbid.com
0	match.adsrvr.org Failed	sync.serverbid.com
0	ssp.disqus.com Failed	public.servenobid.com
0	ups.analytics.yahoo.com Failed	public.servenobid.com
0	sync.go.sonobi.com Failed	public.servenobid.com sync.serverbid.com
0	p.rfihub.com Failed	public.servenobid.com sync.serverbid.com
0	sync.1rx.io Failed	public.servenobid.com
0	x.yieldlift.com Failed	public.servenobid.com
0	ap.lijit.com Failed	public.servenobid.com sync.serverbid.com
0	ce.lijit.com Failed	public.servenobid.com
0	ssum-sec.casalemedia.com Failed	public.servenobid.com sync.serverbid.com
0	ssbsync.smartadserver.com Failed	public.servenobid.com
0	onetag-sys.com Failed	public.servenobid.com sync.serverbid.com
0	ssc-cms.33across.com Failed	ads.rubiconproject.com
0	ssc.33across.com Failed	ads.rubiconproject.com
295	94

This site contains links to these domains. Also see Links.

Domain
scripps.wd5.myworkdayjobs.com
www.facebook.com
twitter.com
givingpledge.org
x-default-stgec.uplynk.com
www.outbrain.com
support.fox13now.com
publicfiles.fcc.gov
www.instagram.com
scripps.com

Subject Issuer	Validity	Valid
*.scrippsnationalnews.com Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
ewscripps.brightspotcdn.com Amazon	`2022-04-30` - `2023-05-29`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.scrippsdigital.com Amazon	`2022-07-09` - `2023-08-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.analyticssystems.net E1	`2022-08-02` - `2022-10-31`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-15` - `2022-09-13`	3 months	crt.sh
aswpsdkus.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-20` - `2023-02-20`	a year	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
*.ewscloud.com Amazon	`2021-10-13` - `2022-11-11`	a year	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
rock.defybrick.com Amazon	`2022-05-09` - `2023-06-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.defybrick.com ZeroSSL ECC Domain Secure Site CA	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2021-08-20` - `2022-09-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-05-31` - `2023-07-02`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
ads.servenobid.com Amazon	`2022-05-29` - `2023-06-27`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.gumgum.com Amazon	`2022-05-06` - `2023-06-04`	a year	crt.sh
*.consumableaudio.com R3	`2022-07-05` - `2022-10-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.servenobid.com Amazon	`2022-02-06` - `2023-03-07`	a year	crt.sh
sync.serverbid.com Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh

This page contains 44 frames:

Primary Page: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Frame ID: 1438E094C0BFCDCB60EDDE10D17E49DB
Requests: 130 HTTP requests in this frame

Frame: https://cds.connatix.com/p/180443/connatix.playspace.dc.js
Frame ID: 5B6AFF988CFE7E202388DC0A51853EA2
Requests: 14 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 644F32E6AF39CEE4367CE022053ABFB0
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 9CCFB7A4E9BA53C58E0A78A71BCC5E1E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: 8D656D39039C1DADE079D00D72DE2A6F
Requests: 1 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?cid=8CU6Q6626&cs=1&cv=37&hb=1&prvid=261%2C3007%2C2034%2C3017%2C79%2C3012%2C29%2C339%2C147%2C246%2C97%2C203%2C326%2C108%2C23%2C273%2C3018%2C117%2C71%2C96%2C38%2C141%2C2030%2C251%2C178%2C3016%2C102%2C229%2C59%2C201%2C2026%2C226%2C159%2C238%2C58%2C54%2C3010%2C126%2C175%2C2027%2C239%2C75%2C106%2C80&vsSync=1&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Frame ID: 8B4F26DB0FD71ADFE5FA61EFC29D2707
Requests: 2 HTTP requests in this frame

Frame: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1FBC29A8EB70F0481A5C19B193820863
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxezQgYH4nw1ACEwFISQzKmUqCS7N-KhJ3-p9oSjFBeagvPFrD4ueNCBPPjv60kiK4gmDT7ulMKDxGsnGl47ps8-X2GmTj5H3b2bVDtD7OXSpLIyu22nWen-_TMRU13FPnLf0h7UEkfPtN77GEeI1GpFOKJ0ggJENdJnTvz5MzbIE-E_LzRDNPIXm0a-C62SuWPRy-d5EcYsuA4rmOYlDhp7MV69PXHyAaXtkzlZpMxTjOKSfNrAw2lXE9FctmrwCVtt8tGCyG1hTg0iE1vE4h0spEeJIcgnB58oq33DOuUwhvaTlN_VXX-3N9VMPKVxXCyyVjhcvrPxp1tx0M-g3X_Q&sai=AMfl-YTe9h-dRAqzOqzy3aGnna9IZb-5pGEA7UMO5JwcHXsoULf4-Mf5_b9gP3SFW2JfwsUq2Ni3PcEA7BMdP4rUF1HfvUpFWuPpBBXNrgWLegRYSCetVT_wyJKWFZbT7HVy_A&sig=Cg0ArKJSzO37ODwivMMNEAE&uach_m=[UACH]&adurl=
Frame ID: 7439E41E55E6F8CEDAE6E93093A09AE3
Requests: 7 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Frame ID: 749D4C9070FE7EA112C3F1371899E963
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2E8631169BA4559E3358D28BD5B6A01D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CD00F52F9491D210E545E0C03974702F
Requests: 2 HTTP requests in this frame

Frame: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C54D66A61390903AEB39D62F08629821
Requests: 18 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Frame ID: DB6016DE8DF9F0DA873A63BB8ED72DA4
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj69fnQATAB&v=APEucNXFfa6kBTGCmfLLsTuY256f6LzyO47BisZTJFSb3ElmE1zSztHgdGcuuDXQIRJ2htLP0jmYj_p1o0G0TNC0QCv40_cJJMMTLOjBNn9DM6xML-fBtkVmS0erqCXHSeJGeK1A8WgB6kybPgeEXoBV9aiSLiWji3S05cxAQEfndyhSuTx5JLk
Frame ID: ABC07C325C68F9ABF7C7003BCE4074F6
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6AAC9A30C586373FAD1EE01C169A3516
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/index.html
Frame ID: 27373338B8D6B219810FA0746BC48584
Requests: 17 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bgZdFqByur67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 6DD1E775F34B657A5E079AF61BCA4FF4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D1EA3EDC7735C84FEDC0CA20850F3FD8
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 04D29712D37B8BD869595F98C24EB647
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 36DDB17B72F81E92AC8FA0A7A47628E8
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: E36FE897D00605F842434E7D58BA9203
Requests: 13 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 46F6CF61EA29A460EFEEE1FC9FF99294
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 9D95DE4E6C94E5123E440EA6784A501E
Requests: 13 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000248.html
Frame ID: 7C466465AD6A6BA9DE5F992E76DBE3E9
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 91A1F2E3E3823D5EF7F24ED90C46BFB4
Requests: 1 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000248.html
Frame ID: 7503AF3D93AFD10AA80167C5848C626B
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E5936046B3877894AB6992D936B821DB
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: A5FB80E376F2C935249C21C06A958249
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 0368A96AAC187A129FAAF1FCC99DD8AD
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 4958FA798D87FC3B3068454AB15DA165
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 39261AD9C15A0DA7547E4DEB57B98A42
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 7B09CABCE352F3E8C69FCDE17C30A997
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 705AE25E141E907908E27DEF81AD3952
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 814348992B6F379E1CDC89DAE0BA1B86
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 84F0ECE0BB5FB1AE46EB48E0488FE136
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: B2284574F39A82A3BD8EA07B30AFC23B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: CC9EBDEEEBD61D43FBA5F3975211F96C
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 3511248455F8C4CFB2607B905CDD0B79
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: F3CBCB10192C3507864CFCABB972FD2D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 862DD9567C797D52F1EB6E970B5A83FF
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6c68086c0c61793
Frame ID: BDC997A8C73F21AFA24C519B6BC4EA2E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: DD78BC6E7E79F9A32982E630B95AC869
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6c68086c0c61793
Frame ID: 518601E627C8786DCD9190C68FE67741
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: 1B20A76559315E60614844B6606D3005
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Billionaire Utahn to give away 90% of his wealth

Page URL History Show full URLs

http://link.3blmedia.com/ls/click?upn=U6uMdUiGorMQswyq-2F5baTwCBibBlu6OtFX21bUcYfyAOFzGUJsAoTJVS0nR11... HTTP 302
https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

295
Requests

79 %
HTTPS

41 %
IPv6

54
Domains

94
Subdomains

66
IPs

8
Countries

3930 kB
Transfer

13232 kB
Size

24
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://scripps.wd5.myworkdayjobs.com/Scripps_Careers
Title: Careers Search

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=765516083862087&display=popup&href=https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth&text=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth
Title: Tweet

Search URL Search Domain Scan URL

URL: https://givingpledge.org/Pledger.aspx?id=430
Title: announced Tuesday

Search URL Search Domain Scan URL

URL: https://givingpledge.org/About.aspx
Title: The Giving Pledge

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/6c3/ef205c0e5ea14d77944cbd6904335118/6c30c6ff4749426ba5c30a3e1d4c8ca1/6c30c6ff4749426ba5c30a3e1d4c8ca1_e.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/24d/ef205c0e5ea14d77944cbd6904335118/24d705854da949228d43ddb087a34d32/24d705854da949228d43ddb087a34d32_e.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/839/ef205c0e5ea14d77944cbd6904335118/839a491280e446d08b5fbd1d763ac93e/839a491280e446d08b5fbd1d763ac93e_e.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/125/ef205c0e5ea14d77944cbd6904335118/1250a942d81649fcb21a7dfc9f5df1f5/1250a942d81649fcb21a7dfc9f5df1f5_e.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/385/ef205c0e5ea14d77944cbd6904335118/385079264a78465fbae5d472e5b53845/385079264a78465fbae5d472e5b53845_e.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/6c5/ef205c0e5ea14d77944cbd6904335118/6c5e795646234f70a07a27003917dee9/6c5e795646234f70a07a27003917dee9_e.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://givingpledge.org/Home.aspx
Title: Hundreds of other billionaires

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en

Search URL Search Domain Scan URL

URL: https://support.fox13now.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/KSTU
Title: FCC Public Files

Search URL Search Domain Scan URL

URL: https://scripps.wd5.myworkdayjobs.com/Scripps_Careers/3/refreshFacet/318c8bb6f553100021d223d9780d30be
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fox13newsutah
Title: fox13newsutah

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fox13now/
Title: fox13now

Search URL Search Domain Scan URL

URL: https://twitter.com/fox13
Title: fox13

Search URL Search Domain Scan URL

URL: https://scripps.com/our-brands/local-media/
Title: Scripps Local Media

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://link.3blmedia.com/ls/click?upn=U6uMdUiGorMQswyq-2F5baTwCBibBlu6OtFX21bUcYfyAOFzGUJsAoTJVS0nR11eS2XCu1E3imeLB-2F-2FkV9iN-2F21M7mG-2FETS6yGl11uJ9YWRQCJO-2Fsii2gXHkNdZ6F8hwvVBMBmwdYgh6dPuwtU2JQSqQ-3D-3DI785_YxCxpoge33FNHhRVcK23d9uMVzfNZMYHGFWarkVbQAsjyfMYXqjlhbmLsnnxeAkciJAwzVplxZUxBOZ-2FqucINlkVE3vGCr-2B2XmdXpBpiGfx8DJlEiN34i3-2B8hHAdmfkfvEpYle8RC61WrnA57fjETKZQiSEHB3NQZ-2FZamBEDHSmCZCJ2I6cL8j4eNUm3hNh4VDhyYZiTH0zC7dnxjyWpJurUAyWxeGPCrLxe8ZGju4o-3D HTTP 302
https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/180443/connatix.playspace.dc.js

Request Chain 192

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIfWaQihLfOgJqKK9QyAr9s&google_cver=1

Request Chain 193

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxdRpeBRLNHHlArp8vA1-AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIfWaQihLfOgJqKK9QyAr9s&google_cver=1

Request Chain 194

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDDp1A0TQ76_nTd0OJTh0BA&google_cver=1

Request Chain 195

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTIxNzUyMDA4MzUzMTk2NDk4OA%3D%3D

Request Chain 245

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 247

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=9217520083531964988

Request Chain 248

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1

Request Chain 251

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1662472618900

Request Chain 254

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=8de0f55f-4231-4ca8-a2c0-93cc6e31cd8f&gdpr=0&gdpr_consent=&us_privacy=1YN-

Request Chain 255

https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58559/occ?verify=true

Request Chain 266

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1662472618900

Request Chain 269

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=c89ba42b-219c-45e8-9df2-ea664f3fefea&gdpr=0&gdpr_consent=&us_privacy=1YN-

Request Chain 271

https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58559/occ?verify=true

Request Chain 274

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 284

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=9217520083531964988

Request Chain 292

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=9217520083531964988

295 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request billionaire-utahn-to-give-away-90-of-his-wealth Show response
www.fox13now.com/news/local-news/
Redirect Chain

http://link.3blmedia.com/ls/click?upn=U6uMdUiGorMQswyq-2F5baTwCBibBlu6OtFX21bUcYfyAOFzGUJsAoTJVS0nR11eS2XCu1E3imeLB-2F-2FkV9iN-2F21M7mG-2FETS6yGl11uJ9YWRQCJO-2Fsii2gXHkNdZ6F8hwvVBMBmwdYgh6dPuwtU2JQ...
https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

244 KB
66 KB

205ms
73ms

Document
text/html

52.85.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.96.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-96-112.pmo50.r.cloudfront.net

Software

N/A / Brightspot

Resource Hash

e39460032fd973666abe629c364ac95af959611328e5a0f97b9219d4ed80c025

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://cms.scrippsdigital.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 200
Cache-Control: max-age=240
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' https://cms.scrippsdigital.com
Content-Type: text/html;charset=UTF-8
Date: Tue, 06 Sep 2022 13:53:29 GMT
Server: N/A
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 1d3e6e5e0017170163f28f59931867be.cloudfront.net (CloudFront)
X-Amz-Cf-Id: QseNO3gyr6Bso9tou7wBIMIS5uHdxpqKOwp5-PhY6tq0upjlut2aUw==
X-Amz-Cf-Pop: PMO50-C1
X-Cache: Hit from cloudfront
X-Content-Type-Options: nosniff
X-Powered-By: Brightspot

Redirect headers

Connection: keep-alive
Content-Length: 111
Content-Type: text/html; charset=utf-8
Date: Tue, 06 Sep 2022 13:56:50 GMT
Location: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK All.min.27f436f3e81d1160ab6b1b92485d20ef.gz.css
ewscripps.brightspotcdn.com/resource/00000182-cbf2-d66a-afc3-fff6e8860000/styleguide/ 114 KB
21 KB 107ms
9ms Stylesheet
text/css 108.138.17.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps.brightspotcdn.com/resource/00000182-cbf2-d66a-afc3-fff6e8860000/styleguide/All.min.27f436f3e81d1160ab6b1b92485d20ef.gz.css
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8bb64e30017933b8a694b456a9f303627e643c5c2e75500da72cb2f07d131562

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 18:24:35 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 23 Aug 2022 18:24:33 GMT
Server: AmazonS3
Age: 1193537
ETag: "58b0557ed536990076e217e01d6ec2f7"
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA56-P7
Accept-Ranges: bytes
Content-Length: 21235
X-Amz-Cf-Id: fnHCbbrF0jNvK70pEHls6w0EmC3tBkLOK0DfjgTdSDzQiMhXMRUENg==

GET
H2 200 6d6d25e3-5be4-444b-82ae-a8f0bb892234.js Show response
d3plfjw9uod7ab.cloudfront.net/ 113 KB
29 KB 82ms
20ms Script
application/javascript 2600:9000:218e:2200:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218e:2200:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2fc67e51612a060864bf2a051671e69044ca49d27660a5e4d5e0ad88d50f38d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: zimuvjLADBbICE2gCbWvBBHN3UOCRCFx
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 18:53:52 GMT
server: AmazonS3
age: 640
etag: W/"f675de6c139417f02f02cf2b125b187a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd596aba0de57f83442d2ebd6b268f4.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
date: Tue, 06 Sep 2022 13:46:11 GMT
x-amz-cf-pop: CDG52-P1
x-amz-cf-id: eUJjmk0A_inOMmP41zDAk6I2rQjD31CkFNw_SMjzW1FNdWYFSaPkig==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
8 KB 40ms
21ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 06 Sep 2022 13:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 7BKk7WQU1Z9EDMZmf1T6Vg==
age: 4744
vary: Accept-Encoding
content-length: 7151
x-ms-lease-status: unlocked
last-modified: Tue, 06 Sep 2022 02:28:43 GMT
server: cloudflare
etag: 0x8DA8FAF847409B6
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2c2078df-e01e-0018-319d-c1f573000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7467b5da2b519195-FRA

GET
H2 200 tsu4adm.css
use.typekit.net/ 21 KB
2 KB 124ms
31ms Stylesheet
text/css 2a02:26f0:10e::6860:5bb2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/tsu4adm.css

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::6860:5bb2 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

44184c16fd72e51859e402906cfc8eb5cc13161916b42cf46e416bc9e3fe9850

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Tue, 06 Sep 2022 13:56:50 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1740

GET
H2 200 all.css
use.fontawesome.com/releases/v5.1.0/css/ 45 KB
10 KB 37ms
19ms Stylesheet
text/css 2606:4700:3032::ac43:a9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Referer: https://www.fox13now.com/
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:50 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19377747
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: DATDK6GE0M6SF5CS
x-amz-id-2: vSdqg4h3pAZqz7nL6cPevVcCWTj6X2bDQOM9YVaqEso7rJJeqtzPCsqvTOrFCSt6q0N8TZyMusU=
last-modified: Wed, 30 Jun 2021 15:30:31 GMT
server: cloudflare
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJ%2F95QjOjeJ676FTGm1dWJFdaqr3zS8DCsxjoGtSN1ZP5QAGRPLaYRaBgRTwvmF99i5jyiTFTq7QTLflDkl0B054xQkTPsp0ODkE2%2BwDM6sfeP9j3EYKpAvtcIdFRnXDx7JFnHi5Nx1s2vhLVh5V1zvy"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 7467b5da2da49b80-FRA

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/eead90a/2147483647/strip/true/crop/600x274+0+0/resize/400x183!/quality/90/ 23 KB
24 KB 8ms
8ms Image
image/png 108.138.17.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/eead90a/2147483647/strip/true/crop/600x274+0+0/resize/400x183!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F00%2F9e%2F66505c3f463b98e45a6637d3fcea%2Fkstu-main-logo.png
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-13.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: d46651a0642c39afc570af89ad0b4373250d4002c05e92282aab4b289c4771d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sun, 26 Jun 2022 02:17:32 GMT
Via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 6262758
ETag: 5530a8138966797a635819cda27dfa7c
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P7
X-Robots-Tag: nofollow
Content-Length: 23926
X-Amz-Cf-Id: jIxu-jL1i6v-Bn2Okkn9tag43BGqokH2H0_GeSXq86ltk16covhjng==
Expires: Mon, 26 Jun 2023 02:17:32 GMT

GET
H/1.1 200
OK Blank.gif
www.fox13now.com/styleguide/assets/ 57 B
460 B 41ms
40ms Image
image/gif 52.85.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fox13now.com/styleguide/assets/Blank.gif
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-96-112.pmo50.r.cloudfront.net
Software: N/A /
Resource Hash: e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 24 Aug 2022 00:17:08 GMT
Via: 1.1 1d3e6e5e0017170163f28f59931867be.cloudfront.net (CloudFront)
Connection: keep-alive
Server: N/A
Age: 1172383
X-Cache: Hit from cloudfront
Content-Type: image/gif;charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: PMO50-C1
Content-Length: 57
X-Amz-Cf-Id: LGTCIaWmLt-Td8e2uX9lmyC1EtdBwA6S3TFGM3m3CjPY6VJHtpFErg==

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/43aedef/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/format/webp/quality/90/ 81 KB
82 KB 12ms
11ms Image
image/webp 108.138.17.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/43aedef/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F4e%2F44%2F8b76c25f473093b130f7f52df25a%2Fjeff-t.%20Green.jpg
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-13.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 3ad36bb49239b3d32df10dc97841cb24dd28a8bca96ee95a57f4972d9b607976

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 10:54:54 GMT
Via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 10917
ETag: 8f84e9a0fd2eafda378223eeca331a51
X-Cache: Hit from cloudfront
Content-Type: image/webp
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P7
X-Robots-Tag: nofollow
Content-Length: 83212
X-Amz-Cf-Id: qY7ik2_eqDdfwygsEJRMMLNTEQXzlwoTAdeyO7glNHY4CzhVGrGwdg==
Expires: Wed, 06 Sep 2023 10:54:54 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/cabd33d/2147483647/strip/true/crop/720x720+280+0/resize/300x300!/quality/90/ 16 KB
17 KB 9ms
9ms Image
image/jpeg 108.138.17.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/cabd33d/2147483647/strip/true/crop/720x720+280+0/resize/300x300!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Ff9%2Fc8%2Fbe6d1e8f4eb2a9ab227d4653983e%2Fjeff-tavss-headshot.jpg
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-13.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: a78eee44a33280cae70b7fade38a0ea36d2d3c34252c8fffe9e5d91aaf463a0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 00:23:10 GMT
Via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 17588021
ETag: 432c028acf64b6afb081594ce3fc408d
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P7
X-Robots-Tag: nofollow
Content-Length: 16702
X-Amz-Cf-Id: CXkzRe5W_FeY88SXTQPR53qR9tmauJlHwl5mLoGSdl4r7WR0AKYN2Q==
Expires: Wed, 15 Feb 2023 00:23:10 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 207 KB
72 KB 77ms
19ms Script
application/x-javascript 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 349a542f6391d7f28541a00c46cc0f00dbd0b4923bc06b058168e5b95c0066ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: gzip
last-modified: Sun, 04 Sep 2022 10:18:51 GMT
etag: "16-GN9H2BRyJuX8r5U74AgYeATQsoQ"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 2094cb9b7c1f68e05aabd3606200833f
timing-allow-origin: *, *
content-length: 72856

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/f6058f7/2147483647/strip/true/crop/480x360+0+0/resize/480x360!/format/webp/quality/90/ 14 KB
15 KB 8ms
8ms Image
image/webp 108.138.17.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/f6058f7/2147483647/strip/true/crop/480x360+0+0/resize/480x360!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F0b%2F0c%2F0184c2f44e4783b067c6ee93fcc0%2Ffox13webad.jpg
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-13.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 7e03ea05c599640f6d1a683302bec77bcd06d63d0a41c3df4867637835876dd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 05:37:37 GMT
Via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 980354
ETag: fb0cc7192b8850a1be784ebef7161f2e
X-Cache: Hit from cloudfront
Content-Type: image/webp
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P7
X-Robots-Tag: nofollow
Content-Length: 14718
X-Amz-Cf-Id: FIKWxMfZtgqLEVqPpWdSx_kTKgRdIM0fTWg0FiwMV5O-He2muCgLPw==
Expires: Sat, 26 Aug 2023 05:37:37 GMT

GET
H/1.1 200
OK logo-scripps.png
assets.scrippsdigital.com/cms/images/ 3 KB
4 KB 103ms
8ms Image
image/png 18.66.122.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.scrippsdigital.com/cms/images/logo-scripps.png
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: 8lNexGmb6tKD4SPVOeXslwnzBtFWYJoV
Via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Oct 2017 14:04:11 GMT
Server: AmazonS3
Age: 41730
ETag: "f46791d665054bf21da09492d448e1d2"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Date: Tue, 06 Sep 2022 02:21:22 GMT
x-amz-replication-status: COMPLETED
X-Amz-Cf-Pop: FRA60-P2
Accept-Ranges: bytes
Content-Length: 3532
X-Amz-Cf-Id: wD2EYnitXfASw-XTr1eI7_Y3XTnPd0X3h5kNJPnB0Qe8nrPrd3TADg==

GET
H/1.1 200
OK All.min.06da402cb4b4e476438a5765a9242268.gz.js Show response
ewscripps.brightspotcdn.com/resource/00000182-cbf2-d66a-afc3-fff6e8860000/styleguide/ 435 KB
102 KB 15ms
8ms Script
text/javascript 108.138.17.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps.brightspotcdn.com/resource/00000182-cbf2-d66a-afc3-fff6e8860000/styleguide/All.min.06da402cb4b4e476438a5765a9242268.gz.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 795404e4d9bc0212aa149497c281462504554b632a5112c9f0d42a12c4867ba8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 18:24:35 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 23 Aug 2022 18:24:33 GMT
Server: AmazonS3
Age: 1193537
ETag: "c83c67935219c614725f89beb336d4e9"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA56-P7
Accept-Ranges: bytes
Content-Length: 103912
X-Amz-Cf-Id: s81VEl6Yb6IJWpz827N4HkPH7-5NUQxAUctnCdRvjl0Avjv0TTWDwA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
46 KB 74ms
27ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5QBX3CF

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

617912f14527ee7d9bbbb6340eb9a5214dba3082883643f43621cd816449159b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46658
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Sep 2022 13:56:51 GMT

GET
H2 202 6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/client/impression/ 0
544 B 161ms
123ms Image
text/plain 2606:4700:3030::6815:251b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/client/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=802021
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngbiQ2Z82Ne28Hrz582cHVVlp29mLJSh43QnAcfAfWlUShuz5wtHaNHPNVBW%2FV7elB%2BSeY3niBJ2IGvLaq%2FmamUhWW2yw14s0CJ%2BTfJw%2F8N8Z052AAA5ZPh4EsMN64jcjHTjSAzwt7mGUfjc0YgxMw9A8g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 7467b5dba98bbb67-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: FxJKCB_07zYxkusAAK6h

GET
H2 404 000000.json Show response
cdn.cookielaw.org/consent/000000/ 215 B
573 B 58ms
43ms XHR
application/xml 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/000000/000000.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0fb3bdbceebd52c9a19da7234cb3f3636107561e06d005fcd442bd0fac0a38a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: a270334e-301e-0137-0ef8-c1321c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 7467b5daefcf8fd6-FRA
expires: Tue, 06 Sep 2022 17:56:51 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 166 KB
43 KB 73ms
21ms Script
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 06 Sep 2022 13:14:10 GMT
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront), 1.1 af4c7c5690ef99c2d2945817a4e41504.cloudfront.net (CloudFront)
last-modified: Thu, 01 Sep 2022 20:50:54 GMT
server: AmazonS3
age: 2562
etag: W/"d9d3c87337955401df6a2e4474e61700"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, VIE50-P1
content-encoding: gzip
x-amz-cf-id: YlWdkzch0u4Qwk7L6Ax_dUlvRwE_wnRSsu-lU5ZZlUDurr6IDZ9otg==

GET
H2 200 bidexchange.js Show response
hbx.media.net/ 445 KB
103 KB 191ms
138ms Script
text/javascript 2.21.184.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/bidexchange.js?cid=8CU6Q6626&version=5.1&dn=www.fox13now.com

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.184.22 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-184-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5c65a55f7e434cca13508c8c61f35e1512443e0d220547a8dc61870fcddf4a6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Tue, 06 Sep 2022 13:56:51 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
timing-allow-origin: *
expires: Tue, 06 Sep 2022 14:26:51 GMT

GET
H2 200 5776_Scripps_Local_Stations.js Show response
ads.rubiconproject.com/prebid/ 601 KB
113 KB 117ms
7ms Script
text/javascript 23.75.240.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.240.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-240-210.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1d0e8483bf5f4894781be1119152bee656a83feb2cb87837d76cd4261016fe4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: gzip
last-modified: Tue, 26 Jul 2022 16:32:02 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
content-length: 114850
expires: Tue, 06 Sep 2022 13:56:51 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
195 B 92ms
18ms Stylesheet
text/css 2a02:26f0:10e::6860:5bb9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=tsu4adm&ht=tk&f=137.138.139.140.169.170.171.172.175.176.141.142.143.144.147.148.151.152.153.154.155.156.157.160.161.162.165.166.167.168&a=15199297&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10e::6860:5bb9 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62: 8096267
date: Tue, 06 Sep 2022 13:56:51 GMT
last-modified: Sat, 16 Oct 2021 05:50:56 GMT
server: nginx
etag: "616a6840-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 34ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9c07eaf719ee406923a564299399e29b431b0d2facc698f3ffb8c24afb7e62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 0MF+CuA2Q/fhpPW9AadGzw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: MENS04q2dVXNsWVW/wglQWiN+KA/oH0zcWICjWryIXecejljQmBbA8QTjbciBcZx9cbkoKnAEk5d5/aVejm9Gw==
x-fb-trip-id: 686109401
x-fb-content-md5: 27194cb675708266a0c041336bba9f61
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 06 Sep 2022 13:56:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "a6677a0d5cd0261bd8b6e2f393acbbec"
timing-allow-origin: *
expires: Tue, 06 Sep 2022 14:04:27 GMT

GET
H2 200 ua-sdk.min.js Show response
aswpsdkus.com/notify/v1/ 227 KB
42 KB 55ms
14ms Script
application/javascript 34.160.158.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://aswpsdkus.com/notify/v1/ua-sdk.min.js
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.158.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 95.158.160.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 60d86669bd9ed9711c63f3ae3da3922facc9e47fb76416895727cad3d879f71c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:53:41 GMT
content-encoding: gzip
age: 190
x-guploader-uploadid: ADPycduGOzdB6mIlv3EJ0b87VYHeiknKOVHgpvfrx8RvuJ20gKery4edP_pnIL9gTvSOMIBa_n-5NfnwdR4vAWwtji4L
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42547
last-modified: Mon, 29 Aug 2022 17:57:04 GMT
server: UploadServer
etag: "b2a97340af12eabf1f156f096783b4ba"
x-goog-hash: crc32c=a8SXJw==, md5=sqlzQK8S6r8fFW8JZ4O0ug==
x-goog-generation: 1661795824566829
cache-control: public,max-age=300,no-transform
x-goog-stored-content-length: 42547
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 06 Sep 2022 13:58:41 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 58 KB
59 KB 18ms
17ms Font
font/woff2 2606:4700:3032::ac43:a9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16405657
cf-ray: 7467b5db78259b80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59572
x-amz-id-2: ns4nZXtKI8TjfxeHEIDjv9b9nhjc05XDFc51BC/gRAyYkVGj6nHb+oqJzGx+CmYVCN/jO7DISGU=
last-modified: Wed, 30 Jun 2021 15:30:49 GMT
server: cloudflare
etag: "18d2347ab2a9f40ca2247cdb03303d84"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4y1VoSW%2F4O1MpbgQ9sNn3QjrlmKDjZECMenH0e5NnwcvfSy64Kdomm2ogMvoyC1eASi5A%2F3Bo7pwmnPfgFRWua9AHwMh5hAJhDvm%2FLgSQgA462%2BDDN0raxx7Qqd%2FyDIBm1VM4xoovLoRipNZWwfw6ImP"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 57GNW1G99JA6YNCM
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 l
use.typekit.net/af/8738d8/00000000000000007735e611/30/ 16 KB
17 KB 74ms
21ms Font
application/font-woff2 2a02:26f0:10e::6860:5bb2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8738d8/00000000000000007735e611/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10e::6860:5bb2 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5d8f24de649d274c051960845b51a0407362d6b4c80de23985e648d3378708f5

Request headers

Referer: https://use.typekit.net/tsu4adm.css
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
server: nginx
etag: "a5565f97e4389f39e94f7880b2c8088023e4d88a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16880

GET
H2 200 l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 16 KB
16 KB 71ms
18ms Font
application/font-woff2 2a02:26f0:10e::6860:5bb2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10e::6860:5bb2 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b4096925f34c85d0c0e934ad77c44165dcd66fecc354c153784d246f00911da5

Request headers

Referer: https://use.typekit.net/tsu4adm.css
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
server: nginx
etag: "ef52ad3657e4d4a42c21db6c00d5c7ccc649bc94"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16560

GET
H3 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 62 KB
63 KB 21ms
21ms Font
font/woff2 2606:4700:3032::ac43:a9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1

Request headers

Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19358673
cf-ray: 7467b5db9c9f928f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63376
x-amz-id-2: Ahdi/nVvFAiYG1jy8KmtEZMvbx3+ZQ44zxuTZTRYzxd914/Lj1PtQVHIDtnyrn6rNKniFj7BwBw=
last-modified: Wed, 30 Jun 2021 15:30:49 GMT
server: cloudflare
etag: "f319eac1c755f9929fd856720ce1695e"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0QkctoapvJEVME1HllnkI6GqgIp5lw5lW4wf%2FqzW6sAxHSOc9SoBulNhvbmR8MVoSunchJAmoB0cp%2FBtJTfW4YFr%2B0I3%2BwoMaoFhyBjLPj1aMMA79c%2BXXf%2Friz1JVlfQh9sLfKbWy%2FjG5p8pShNwoQS"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 60CNJX19FHDYZKA5
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 l
use.typekit.net/af/3322cc/00000000000000007735e616/30/ 17 KB
17 KB 66ms
35ms Font
application/font-woff2 2a02:26f0:10e::6860:5bb2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3322cc/00000000000000007735e616/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10e::6860:5bb2 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: fdcb74f626ef8f1059c0e3bd503017b8fdda4a54afcc26a4da734f5fd5c7a87a

Request headers

Referer: https://use.typekit.net/tsu4adm.css
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
server: nginx
etag: "71f986ad2b4d0b6a0e5a056380e0c8c577137ae8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17212

GET
H2 200 l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 16 KB
17 KB 51ms
19ms Font
application/font-woff2 2a02:26f0:10e::6860:5bb2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10e::6860:5bb2 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e

Request headers

Referer: https://use.typekit.net/tsu4adm.css
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
server: nginx
etag: "96c7595dad6bb306bf9cc4c7a3b3d28654c7d636"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16832

GET
H2 200 p.js Show response
cdn.parsely.com/keys/fox13now.com/ 66 KB
23 KB 93ms
20ms Script
application/javascript 13.32.2.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/fox13now.com/p.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-61.vie50.r.cloudfront.net
Software: nginx /
Resource Hash: 1e07e272734d4232d604835b00dfb9847c36a95e2fb6a01458590618e2bbcc77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: public
date: Tue, 06 Sep 2022 04:00:13 GMT
content-encoding: gzip
last-modified: Mon, 22 Feb 2021 19:24:27 GMT
server: nginx
age: 35798
etag: W/"603404eb-10711"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 95c9d51ed7176777d7ac8ca8cb233696.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: k2Xel3r-WB9oqVAzW0d278k_CD1qwJpxR0dnFrom4mLT9EHTwpdPwA==
expires: Wed, 07 Sep 2022 04:00:13 GMT

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/180443/ Frame 5B6A
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/180443/connatix.playspace.dc.js

993 KB
226 KB

40ms
7ms

Script
application/javascript

151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/180443/connatix.playspace.dc.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0f1928c0a2274141ca7ba973c6098bb259a335c6ecc1969fed7ce92fea6a744d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: br
last-modified: Tue, 06 Sep 2022 13:02:19 GMT
age: 3116
etag: "4a8ab99c99f1c747017180ef559d1765"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 231019

Redirect headers

location: https://cds.connatix.com/p/180443/connatix.playspace.dc.js
date: Tue, 06 Sep 2022 13:56:51 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/02cc935/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/ 124 KB
125 KB 11ms
11ms Image
image/jpeg 108.138.17.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/02cc935/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F4e%2F44%2F8b76c25f473093b130f7f52df25a%2Fjeff-t.%20Green.jpg
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-13.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: bd6cafb0d9f0509d461f9b8845027ecb7f5385ee273346f5f44efd2b328afdb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 10:54:53 GMT
Via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 10918
ETag: 8abdd9b88cc8d2da8c2022d32c3e8063
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-P7
X-Robots-Tag: nofollow
Content-Length: 127179
X-Amz-Cf-Id: _uftbC3NsK7dmH6ponNFIHYDL3YkCUR3QjL-V-QZD-0hM-bcE6fY0w==
Expires: Wed, 06 Sep 2023 10:54:53 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 299 KB
85 KB 20ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=5762d2e12f1935fa33426632e7ef551c

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

af9ffcd63086c4bb32a86781eb1fe125ea3b5b0a6c4355988fb04ac21cf5bf7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.fox13now.com/
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: J+He/bJqRHCHo+10OCQleg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86676
x-fb-rlafr: 0
x-fb-debug: Up4Y9YH2WK9viuH40tp0fXerfUFZuptznCW298gAR1szz3DDFWuySsvWT5N0pvzVgQABRmgzovMVD2VE8YX17A==
x-fb-content-md5: 83b8d62d030544c246792cd0668ac689
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 06 Sep 2022 13:56:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "0d5a7ab6d2a9a5866e5122f4cd04f781"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 06 Sep 2023 12:25:31 GMT

OPTIONS
H2 200 /
api.ewscloud.com/prod/scheduler/v1/com.fox13now/schedules/current/ Frame 0
0 443ms
281ms Preflight
application/json 13.32.121.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ewscloud.com/prod/scheduler/v1/com.fox13now/schedules/current/?type=web
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-46.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.fox13now.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 06 Sep 2022 13:56:51 GMT
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-amz-apigw-id: YCmxmHZxoAMFsow=
x-amz-cf-id: fqoZIl5VcFME0pRBuLk2nxK-OJJxPywzA_NBKtELH1XlhJ1oe59dyQ==
x-amz-cf-pop: FRA60-P1
x-amzn-requestid: 2a60646a-7c9c-47bb-a09e-4dc5d4dfea99
x-amzn-trace-id: Root=1-631751a3-005350052180ada2313ab052
x-cache: Miss from cloudfront

GET
H/1.1 200
OK d3d3LmZveDEzbm93LmNvbQ== Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
461 B 43ms
7ms XHR
application/json 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LmZveDEzbm93LmNvbQ==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 13:56:51 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=4923
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: bad0658622f121d970a2be6574be4956
Content-Length: 15
Expires: Tue, 06 Sep 2022 15:18:54 GMT

GET
H/1.1 200
OK weather Show response
www.fox13now.com/ 76 KB
77 KB 47ms
46ms Fetch
application/json 52.85.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fox13now.com/weather?_renderer=json

Requested by

Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000182-cbf2-d66a-afc3-fff6e8860000/styleguide/All.min.06da402cb4b4e476438a5765a9242268.gz.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.96.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-96-112.pmo50.r.cloudfront.net

Software

N/A / Brightspot

Resource Hash

db8eb42c61b6eeb13d22b9a9399e168db136b4ead273f374eb34e4d0df0f87f0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://cms.scrippsdigital.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self' https://cms.scrippsdigital.com
Via: 1.1 1d3e6e5e0017170163f28f59931867be.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 173
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Server: N/A
Date: Tue, 06 Sep 2022 13:53:58 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
X-Amz-Cf-Pop: PMO50-C1
X-Robots-Tag: nofollow
X-Amz-Cf-Id: 38wyBKmZP89UWZxnuGSY0WXqTfV6URIZ_70iWg0EpABJJA6vLaf9tQ==

GET
H/1.1 200
OK breaking-news-alerts Show response
www.fox13now.com/ 65 KB
66 KB 110ms
45ms Fetch
application/json 52.85.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fox13now.com/breaking-news-alerts?_renderer=json

Requested by

Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000182-cbf2-d66a-afc3-fff6e8860000/styleguide/All.min.06da402cb4b4e476438a5765a9242268.gz.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.96.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-96-112.pmo50.r.cloudfront.net

Software

N/A / Brightspot

Resource Hash

32e1329797d326d745531601e74965eceda43ea66defc3ddee4fbbddf8df2913

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://cms.scrippsdigital.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self' https://cms.scrippsdigital.com
Via: 1.1 1d3e6e5e0017170163f28f59931867be.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 109
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Server: N/A
Date: Tue, 06 Sep 2022 13:55:01 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
X-Amz-Cf-Pop: PMO50-C1
X-Robots-Tag: nofollow
X-Amz-Cf-Id: SFE16wPbQDBQOjlshIwc_AmuNemhabQJsvaiRUzh_yyBkPGs-ve_fg==

GET
H/1.1 200
OK alerts Show response
www.fox13now.com/weather/ 66 KB
66 KB 125ms
45ms Fetch
application/json 52.85.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fox13now.com/weather/alerts?_renderer=json

Requested by

Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000182-cbf2-d66a-afc3-fff6e8860000/styleguide/All.min.06da402cb4b4e476438a5765a9242268.gz.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.96.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-96-112.pmo50.r.cloudfront.net

Software

N/A / Brightspot

Resource Hash

f17a61f868ba322b5ef1bbf48692bb744a3cf8b93bd8477a73cf38b223e6cb6e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://cms.scrippsdigital.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self' https://cms.scrippsdigital.com
Via: 1.1 22e800e518f46c4186cdd0f22f935340.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 107
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Server: N/A
Date: Tue, 06 Sep 2022 13:55:03 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
X-Amz-Cf-Pop: PMO50-C1
X-Robots-Tag: nofollow
X-Amz-Cf-Id: NYFkkgZCJ7DkJvQMWCQvmzHUAkB0oW7e1MSaXrXIDU247cdQigHXSA==

GET
H/1.1 404
Not Found school-closings-delays Show response
www.fox13now.com/weather/ 59 KB
60 KB 133ms
47ms Fetch
application/json 52.85.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fox13now.com/weather/school-closings-delays?_renderer=json

Requested by

Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000182-cbf2-d66a-afc3-fff6e8860000/styleguide/All.min.06da402cb4b4e476438a5765a9242268.gz.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.96.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-96-112.pmo50.r.cloudfront.net

Software

N/A / Brightspot

Resource Hash

a49cde5a2c26fabfce1fb651684014115916038bb5dc779c63fd96afa8df8368

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://cms.scrippsdigital.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self' https://cms.scrippsdigital.com
Via: 1.1 1d76dd98c16c516f48b964dacfe39bfe.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 109
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Error from cloudfront
Connection: keep-alive
Server: N/A
Date: Tue, 06 Sep 2022 13:55:02 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
X-Amz-Cf-Pop: PMO50-C1
X-Robots-Tag: nofollow
X-Amz-Cf-Id: DLSudybxuSH6-R_noo9jKxuZdmJI3QyLplRawAim4lfEKxOwRmWVmQ==

GET
H2 200 / Show response
api.ewscloud.com/prod/scheduler/v1/com.fox13now/schedules/current/ 5 KB
6 KB 290ms
290ms Fetch
application/json 13.32.121.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ewscloud.com/prod/scheduler/v1/com.fox13now/schedules/current/?type=web
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000182-cbf2-d66a-afc3-fff6e8860000/styleguide/All.min.06da402cb4b4e476438a5765a9242268.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-46.fra60.r.cloudfront.net
Software: /
Resource Hash: f3e7903c0222590b5a8af20c021e3dc1a589cd485a0840d1589fe960b6b60fa3

Request headers

Authorization: Token bc22df1e0efb4dcb53f2438a4b71da118f05788c
Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amzn-requestid: 36517595-ea10-49b4-be64-267922cbe5bb
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-631751a3-16aef7f56cfa2c484406c1c7
x-amz-apigw-id: YCmxpExJoAMFhqQ=
content-length: 5312
x-amz-cf-id: A0FBdsSY214PO40hItnx-12g0aCQUkWrNZfQ99zc_uKHhk1_-XZUiQ==

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 28ms
19ms Image
image/gif 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Thu, 06 Oct 2022 13:56:51 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
313 B 35ms
35ms XHR
text/plain 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3295&u=https%3A%2F%2Fwww.fox13now.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 09:28:42 GMT
via: 1.1 af4c7c5690ef99c2d2945817a4e41504.cloudfront.net (CloudFront)
server: Server
age: 16088
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.fox13now.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: VIE50-P1
x-amz-cf-id: OKgO577K4hBy1JxprbLEOXlAuP0PaiyjUOBc4R-X2SdxIYR50X_fVw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 57ms
18ms XHR
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 01:46:56 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 43796
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 24 Aug 2022 19:06:24 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
via: 1.1 780489eb078b12b535ed56179d4e97fe.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: VIE50-P1
content-type: application/javascript
x-amz-cf-id: RY71UECuYDeqC-jB06Wz1VrPNj5qw0BvNs4mbtXGd9hZ91K0JdSNxQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 49ms
13ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QBX3CF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2453
date: Tue, 06 Sep 2022 13:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 06 Sep 2022 15:15:58 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 72ms
20ms Script
application/javascript 99.86.240.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-98.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 10:11:07 GMT
content-encoding: gzip
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
age: 36981
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6c9f184c491eed5c51abd110e89bd97a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: WX9qEOa4txQzbQ644-DND1-KIYVrK13MRd8hYi2aMEBbXi1qgNMnnA==

GET
H2 200 scripps.js Show response
tru.am/scripts/custom/ 737 B
1 KB 56ms
22ms Script
application/javascript 2606:4700:20::681a:374
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/custom/scripps.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QBX3CF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:374 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f027d6553533e963630b1d0992d5ca83562645cbb955de496b40c41eddd1978e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-goog-hash: crc32c=sr7fhA==, md5=s01bXr0Uhj5Os3tr1X6KBQ==
date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1484489
x-guploader-uploadid: ADPycdtnjaW-ZLnl27yItJ6fclXOfFxdd3KNgFIZkpP5IzBeB6sKvs0GhuhpHWHc8fU3oeesJXtv4oOAJhYQLfElRAhhFsoLzg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 24 Feb 2022 16:52:24 GMT
server: cloudflare
etag: W/"b34d5b5ebd14863e4eb37b6bd57e8a05"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FEW4aMg9mEhF1IsJ09pnL5%2BWi9DLmN52LbtR2fnkSEHwgvbnyaW2I4Jcy4jYJqoVakg8I5D0VRvc2dQHfVgXHOciSNYl%2Fmax7aVoxv8CewYozRgQU2Wh9uBHe0WmDSPxPwWDwA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1645721544432200
content-type: application/javascript
cache-control: public, max-age=31536000
x-goog-stored-content-length: 737
cf-ray: 7467b5dcf94b994a-FRA
expires: Sun, 20 Aug 2023 09:35:22 GMT

GET
H2 200 placement_invocation Show response
rock.defybrick.com/ 48 KB
18 KB 59ms
9ms Script
text/javascript 2600:9000:223e:7600:1a:ba5c:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:7600:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 07:45:30 GMT
content-encoding: gzip
server: Caddy
age: 22281
etag: "bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
cache-control: max-age=43200
x-amz-cf-pop: FRA56-P4
content-length: 18460
x-amz-cf-id: ZNv4-rzufu31Bt8mWyqRJ1PQNZJ_0CvrJ9RcdW2-2RKiLeG_rv2INQ==
expires: Tue, 06 Sep 2022 19:45:30 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
258 B 172ms
33ms Image
image/gif 52.17.99.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1662472611354&plid=50412553&idsite=fox13now.com&url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&sref=&sts=1662472611351&slts=0&title=Billionaire+Utahn+to+give+away+90%25+of+his+wealth&date=Tue+Sep+06+2022+13%3A56%3A51+GMT%2B0000+(GMT)&action=pageview&pvid=76261911&u=pid%3D7132bbe0a43d938f71e2e6addc054361
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 13:56:51 GMT
Cache-Control: no-cache
Last-Modified: Tuesday, 06-Sep-2022 13:56:51 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 clear.png
static.ewscloud.com/weathercenter/prod/static/weathericons/daytime/ 2 KB
3 KB 167ms
34ms Image
image/png 2600:9000:206e:4e00:10:618e:d880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewscloud.com/weathercenter/prod/static/weathericons/daytime/clear.png
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:4e00:10:618e:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 136da57ff927092cc8dd8aa976c27fb4ccb7336781a8d1335e6ed91bd61e50e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: XyMpiUe_iEH67vsILeyOipvt.mkA3qQP
via: 1.1 a243c19b86829b9271d382d92416109c.cloudfront.net (CloudFront)
last-modified: Tue, 23 Aug 2022 20:16:36 GMT
server: AmazonS3
age: 81
etag: "2f1a98dbc07325a50205519845c81a5d"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
date: Tue, 06 Sep 2022 13:56:51 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-length: 2411
x-amz-cf-id: tWtdHsGKPrJn1kwACNkZYEaIqcueHPYcIMD88qGGDx9jYA4-5EUlJQ==

GET
H2 200 log
hblg.media.net/ 35 B
194 B 42ms
8ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?logid=kfk&evtid=flog&itype=HB&tElp=19&adt=desktop&cid=8CU6Q6626&ct=FRANKFURT&cc=DE&ugd=4&app=0&pht=1200&pid=8PRL4E7N3&dn=fox13now.com&servname=ssp-serving-56684bd497-b2tzj&svr=090511_438_090512_390_ssp&sc=HE&version=4&vh=1200&vw=1600&vsid=&vid=00001662472611382029970147845865&sspAbBucket=CONTROL&lw=1&dapp=green&itypeid=1&sd=1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&tcf_api=0&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=&abte=SSP_CLIENT&rtype=&lbr=1&mnkv=&pabte=&pc=&ccat=&floc_id=&floc_ver=&gfundl=700&gtd=&inid=&ngfundl=1000&rdl=700&a=0&r=209&lper=1&requrl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&kwrf=
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-23.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 13:56:51 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Tue, 06 Sep 2022 13:56:51 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 117ms
62ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be627c74f95035a3c0d32be88fc6f6d97be8cdd21ea91cf59c2085dbc6156fbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28549
x-xss-protection: 0
server: sffe
etag: "1325 / 883 of 1000 / last-modified: 1662462519"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 06 Sep 2022 13:56:51 GMT

GET
H3 200 ta-pagesocial-sdk.js Show response
tru.am/scripts/ 27 KB
11 KB 39ms
21ms Script
text/javascript 2606:4700:20::681a:374
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by: Host: tru.am
URL: https://tru.am/scripts/custom/scripps.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:374 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a20b371f96093be0c049b07134deb9bec533817ce791e865aaab7b60dfe4beb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-goog-hash: crc32c=TsbXyg==, md5=KSXI2pDR0p94mfpSYp/jfQ==
date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1404606
x-guploader-uploadid: ADPycdsERLl4U96EZQN4OrDtcHtJ5TIU9vEBAMGs3EoE2j84ITKLRhvb8Z8razV5IUfdjszKSmDkQy_3xU1qcL8Hfw4y7Q
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 21 Jul 2022 07:45:14 GMT
server: cloudflare
etag: W/"2925c8da90d1d29f7899fa52629fe37d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqRMVfh2xTHXTgNVs0eVHwCcLRes6mkbzFYv%2BG%2FveY6hH63xyalcKZo6yMEMDqFqKxS6rIKimdLISzEJO7ov%2BN8Vz5yjTcL6lKEXwufnAGOoMZQRt8kABJato3uBJgeZOnIZgw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1658389514760491
content-type: text/javascript
cache-control: max-age=2678400
x-goog-stored-content-length: 27860
cf-ray: 7467b5dd6ad4bbb9-FRA
expires: Sun, 21 Aug 2022 07:46:55 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
192 B 44ms
44ms Image
text/plain 99.86.240.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6036471&cs_it=b3&cv=3.8.0.210223&ns__t=1662472611401&ns_c=UTF-8&c7=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&c8=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&c9=
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-98.vie50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
via: 1.1 6c9f184c491eed5c51abd110e89bd97a.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: xuOJRpy9YJWxwPZ-G8qV6wELnxiJjZE3JLuvXJIsXc0eGeFvBpJ13w==
x-cache: Miss from cloudfront

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 45ms
14ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 06 Sep 2022 14:27:06 GMT

GET
H2 200 show_pla Show response
flint.defybrick.com/ 3 KB
2 KB 304ms
110ms Script
text/javascript 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=23165817519617890610800171801295240116460116525397016918650053706609&nc=0&tsf=0&tsfmi=&pv=0&cb=1662472611455&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=585161733&at=&bid=e30%3D&di=W1siZWYiLDQ2ODldLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6NCxcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjEwNTE2%0D%0AOTQwODksXCJzZWNcIjpcIlwifSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUp%0D%0AIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAg%0D%0AICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAg%0D%0AICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAg%0D%0AICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJs%0D%0AZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAg%0D%0AfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAg%0D%0AfV0iXSxbLTEsIi0iXSxbLTIsIjksZVlHOVgxL1gxdFpsUzIyZDUxeDhZTlk5TXhKUUVNQ2RVQkhK%0D%0ATDg2TDIzQUNHVWhCSXdJU1NFRUFjSUpmUmVBZ1FJRUZvSW5kQ3h3UVhqaG8yNzE5Nm1Nak92L3I4%0D%0ANzB1eHFGeCJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBh%0D%0AZW9qb2ZvaG9lZmdpZWhqYWlcIixcImludGVybmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0s%0D%0AWy01LCItIl0sWy02LCItIl0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFst%0D%0AMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCIsXCJvZzp0aXRsZVwiLFwib2c6%0D%0AZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6dGl0bGVcIixc%0D%0AIm9nOmRlc2NyaXB0aW9uXCIsXCJkZXNjcmlwdGlvblwiLFwicGFyc2VseS10aXRsZVwiXX0iXSxb%0D%0ALTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIntcIm9cIjowLjAwOTc1NjA5NzU2MDk3NTYxfSJd%0D%0ALFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiNCJdLFstMTgsIlswLDAsMCwxXSJdLFstMTksIlsw%0D%0ALDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2%0D%0AMDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiXSJdLFstMjAsIjgwOTA4NTgwOC4xNjYyNDcyNjEx%0D%0AIl0sWy0yMSwiQUNlQ20xUjkiXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQs%0D%0AIltdIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjoyMDUwMDAwMCxcInVqaHNcIjoxNjEwMDAw%0D%0AMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIlswLDkuMywwLFwiNGdcIixudWxsXSJdLFst%0D%0AMjgsImVuLVVTLGVuIl0sWy0yOSwie1widlwiOlsyLDIsMiwyLDAsMCwwLDIsMCwyLDAsMiwwLDAs%0D%0AMiwyLDIsMiwwXX0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIi0iXSxb%0D%0ALTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjYyNDcyNjExNDQ3LDBdIl0sWy0zNiwiW1wiNC8z%0D%0AXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4LCJpLC0xLC0xLDIyNSwwLDAs%0D%0AMCw0OCw4NCwxMjEsMzE5LDAsNzQ3LjMsNzQ3LjMsMTA2NSwxMDY1Il0sWy0zOSwiW1wiMjAwMzAx%0D%0AMDdcIiw0LFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUs%0D%0AOCxmYWxzZSxudWxsLDNdIl0sWy00MCwiMzMiXSxbLTQxLCItIl0sWy00MiwiMTcyNDI5NzY1MyJd%0D%0ALFstNDMsIjAwMDAwMDAxMDEwMDAwMDEwMDExMTAxMTAwIl0sWy00NCwiMCwwLDAsNSJdLFstNDUs%0D%0AIi0iXSxbLTQ2LCIwIl0sWy00NywiRXRjL1Vua25vd24sZW4tVVMsbGF0bixncmVnb3J5Il0sWy00%0D%0AOCwiMCwwIl0sWy00OSwiLSJdLFsiYm5jaCIsMzhdXQ%3D%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A325%2C%22y%22%3A2654%2C%22w%22%3A610%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=t8I4vDDR9D&sdd=%7B%7D&pto=1074
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 6edce11425570893d77bc7008d54ccf8af6f89e823ed40ecbd29736b7dd3c495

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: gzip
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript
content-length: 1592
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-27022641-1&cid=809085808.1662472611&jid=203286559&gjid=1510741734&_gid=1650447423.1662472611&_u=aHBAiEAjBAAAAE~&z=1580386576

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 06 Sep 2022 13:56:51 GMT
content-type: text/plain
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 53ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-29479748-9&cid=809085808.1662472611&jid=1241700789&gjid=1979280354&_gid=1650447423.1662472611&_u=aHDAiEAjBAAAAE~&z=1216161262

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 06 Sep 2022 13:56:51 GMT
content-type: text/plain
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 51ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-40066851-1&cid=809085808.1662472611&jid=1426010008&gjid=465365312&_gid=1650447423.1662472611&_u=aHDAiEAjBAAAAE~&z=119258769

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 06 Sep 2022 13:56:51 GMT
content-type: text/plain
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
15ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=224415422&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ul=en-us&de=UTF-8&dt=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHBAiEAjB~&jid=203286559&gjid=1510741734&cid=809085808.1662472611&tid=UA-27022641-1&_gid=1650447423.1662472611&gtm=2wg8v05QBX3CF&cd20=20211016&cd21=Jeff%20Tavss&cd22=&cd23=Local%20News&cd24=Homepage%20Showcase%2CLocal%20News%2CInstagram&cd25=false&cd26=&cd30=&cd31=true&z=2016328549

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 02:13:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42178
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
15ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=224415422&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ul=en-us&de=UTF-8&dt=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAiEAjBAAAAE~&jid=1241700789&gjid=1979280354&cid=809085808.1662472611&tid=UA-29479748-9&_gid=1650447423.1662472611&gtm=2wg8v05QBX3CF&cd20=20211016&cd21=Jeff%20Tavss&cd22=&cd23=Local%20News&cd24=Homepage%20Showcase%2CLocal%20News%2CInstagram&cd25=false&cd26=&cd30=&cd31=true&z=1353439361

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 02:13:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42178
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
15ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=224415422&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ul=en-us&de=UTF-8&dt=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAiEAjBAAAAE~&jid=1426010008&gjid=465365312&cid=809085808.1662472611&tid=UA-40066851-1&_gid=1650447423.1662472611&gtm=2wg8v05QBX3CF&cd20=20211016&cd21=Jeff%20Tavss&cd22=&cd23=Local%20News&cd24=Homepage%20Showcase%2CLocal%20News%2CInstagram&cd25=false&cd26=&cd30=&cd31=true&z=1324115890

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 02:13:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42178
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hls.29b1ff4c2227d65c148f.js
cds.connatix.com/p/180443/ Frame 5B6A 0
47 KB 7ms
7ms Other
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/180443/hls.29b1ff4c2227d65c148f.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: br
last-modified: Tue, 06 Sep 2022 13:02:20 GMT
age: 3032
etag: "6afc7b7af39473a7dafdce3cf56dbd12"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 48331

GET
H2 200 connatix.playspace.css
cds.connatix.com/p/180443/ 105 KB
14 KB 7ms
7ms Stylesheet
text/css 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/180443/connatix.playspace.css
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e8ca23a252b58a07eb67e2c94362cb39a129547558996ec167bebd8c35cef945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: br
last-modified: Tue, 06 Sep 2022 13:02:19 GMT
age: 3031
etag: "755981655cf2a849c34bcecac6972bfa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 14399

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 77ms
38ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27022641-1&cid=809085808.1662472611&jid=203286559&_u=aHBAiEAjBAAAAE~&z=1317163669

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 13:56:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 80ms
42ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27022641-1&cid=809085808.1662472611&jid=203286559&_u=aHBAiEAjBAAAAE~&z=1317163669

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 13:56:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2022090101.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
129 KB 43ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f8c6a794c3e78fdf5a92ff96d59cb8774cbd648bcc486d92eb31320c3551f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 11:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7599
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131916
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 08:36:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 06 Sep 2023 11:50:12 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 194 B
144 B 78ms
49ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.fox13now.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08de8ea6e0f9152d5d29a0b6d575137784a6c9e8a9771198b37880859a83a7e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119
x-xss-protection: 0
expires: Tue, 06 Sep 2022 13:56:51 GMT

POST
H2 200 story Show response
capi.connatix.com/core/ Frame 5B6A 5 KB
3 KB 194ms
159ms XHR
application/x-protobuf 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story?v=180443
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6e220784889e0e6653b205efc1e0632490da633cdb62c4d498b40b3e0f3f79b9

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
access-control-max-age: 86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 3411

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
535 B 72ms
71ms XHR
text/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&pid=mcmOvd4utLace&cb=0&ws=1600x1200&v=22.8.252032&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INVIEW%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22MAD_RIGHT_RAIL%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-213.vie50.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
via: 1.1 af4c7c5690ef99c2d2945817a4e41504.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: 0AJCRRD0G8ZX771BXP9Q
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: ujdITNrAb2mfl4LLYJ7E9f9hHVjG5o2GOMEujbw-xxQXQNZC1pj74g==

GET
H2 200 arj Show response
ewscripps-d.openx.net/w/1.0/ 73 B
379 B 91ms
23ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e1d20afd-dd5e-4960-921a-caa743902e46%2C5f5e5e44-2b76-4961-8fa0-47350fa92db4&nocache=1662472611686&aus=728x90%7C300x600%2C300x250&divids=MAD_INVIEW%2CMAD_RIGHT_RAIL&aucs=%252F6088%252Fssp.kstu%252Finview-bottom%2C%252F6088%252Fssp.kstu%252Fnews%252Flocal_news%252Fdetail&auid=544041562%2C544041559
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: c53fd1125a3c7cdb0f4b956049f8163f81701a7a52ac480bfae4007a6cd6498a

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.fox13now.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 436 B
2 KB 181ms
104ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=5776&site_id=361740&zone_id=1954138%3B1954136&size_id=2%3B15&alt_size_ids=%3B10&rf=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&tg_i.aupname=%2F6088%2Fssp.kstu%26mad_inview%3B%2F6088%2Fssp.kstu%26mad_right_rail&tg_i.pbadslot=%2F6088%2Fssp.kstu%2Finview-bottom%3B%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail&tk_flint=dmpbjs_v6.24.1&x_source.tid=e1d20afd-dd5e-4960-921a-caa743902e46%3B5f5e5e44-2b76-4961-8fa0-47350fa92db4&l_pb_bid_id=539db99c807a52%3B6ad9286590874b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.10793189108922996
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7c2a614b13e950e8f42edf58e5739da4084ac9bd97601a2731f7b7f8bae97889

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 06 Sep 2022 13:56:51 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.fox13now.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 436
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
507 B 176ms
140ms XHR
application/json 18.158.192.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.24.1&referrer=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&tmax=2000

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.158.192.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-192-160.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 13:56:51 GMT
accept-ch: sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 300 B
486 B 188ms
17ms XHR
application/json 2a02:fa8:8806:20::2100
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: a46df7d02b1430726c98999320109ce05ca8f78c3387250776cd9f60eb96281c

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 13:56:51 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 300
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 254 B
1 KB 190ms
137ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

bcb223ca5c745dfff14eea9c81961acf3cd89b4c7c0175463987d55dbad89734

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 06 Sep 2022 13:56:51 GMT
X-Proxy-Origin: 178.162.209.141; 178.162.209.141; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 302f02f7-337c-4d1f-9002-dae3bfe4a1a2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.fox13now.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 254
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 405 B
555 B 326ms
252ms XHR
application/json 3.248.153.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=1072
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.153.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-153-68.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 757c81ac1fd77c27e6384764d8e87f1eb91d72e5eb59843cf7bccc3bb34b2174

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Sep 2022 13:56:52 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.fox13now.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 282ms
147ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698600179795af3a05c97ef2b009d&pos=8a9695310179795afced5c9919250098&cmd=bid&secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 5006c8a4c4b48e75bbc4b9df61751929db4dbfbb8dc880b88982013d74766c3f

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 191ms
57ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698600179795af3a05c97ef2b009d&pos=8a9691c501797961dc1a6230492e002e&cmd=bid&secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 05b8152ee2105e6c599c4b2e8d8e48bc7aead8d1f5a6cb92c70acbf811118d86

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 452 B
845 B 200ms
128ms XHR
application/json 63.35.80.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1662472611697&to=0&aun=MAD_INVIEW&gpid=%2F6088%2Fssp.kstu%2Finview-bottom&t=ryx2glbx&pi=3&maxw=728&maxh=90&si=113233&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.24.1%22%7D&ogu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ns=9523
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.80.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-80-4.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf56f693d4eed1cdbd961d8575c92c9b5c5b63f0c249dc843b7134d2f3607542

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 452 B
843 B 213ms
141ms XHR
application/json 63.35.80.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1662472611697&to=0&aun=MAD_RIGHT_RAIL&gpid=%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail&t=ryx2glbx&pi=3&maxw=300&maxh=600&si=113232&bf=300x600%2C300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.24.1%22%7D&ogu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ns=9523
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.80.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-80-4.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ac42b3ddcac7d94dacf878ae6de4874edf87e036eb94f818f7f75f4de001d2f1

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST hb
ssc.33across.com/api/v1/ 0
0

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
201 B 358ms
100ms XHR
application/json 159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 42

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
534 B 92ms
92ms XHR
text/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&pid=mcmOvd4utLace&cb=1&ws=1600x1200&v=22.8.252032&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INLINE%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22MAD_HEADER%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%2C%22994x30%22%2C%2210x1%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-213.vie50.r.cloudfront.net

Software

Server /

Resource Hash

8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
via: 1.1 af4c7c5690ef99c2d2945817a4e41504.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: P80N7K8JTZZSTYRS58F8
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: yD6L5SizzxAMl4QpY3EdnHKpgpuGKtyvcpRBQag3lwalNvTyFQC_dA==

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
294 B 164ms
54ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691c501797961dc1a628788a90038&pos=8a9691c501797961dc1a6291573e005c&cmd=bid&secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 4beaae7eb84362e284414e3c2289ecf87dffdf06cb218c959eacc056a784d6b0

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
content-length: 62

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 449 B
2 KB 142ms
96ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=5776&site_id=361740&zone_id=2090360%3B1954132&size_id=15%3B2&alt_size_ids=%3B55%2C57&rf=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&tg_i.aupname=%2F6088%2Fssp.kstu%26mad_inline%3B%2F6088%2Fssp.kstu%26mad_header&tg_i.pbadslot=%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail&tk_flint=dmpbjs_v6.24.1&x_source.tid=070bd366-c77d-4589-a9cf-86ab2fd0a9fe%3Bec2b1bfc-1cc3-442d-b081-5b74999391e0&l_pb_bid_id=34e54e649c0ecd5%3B356eb5660e56f06&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.8521581723688836
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c118d25025641cb49e963095aad1a75e9d0662d56132c07bc13018eb734c4c8f

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 06 Sep 2022 13:56:51 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.fox13now.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 449
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
508 B 61ms
58ms XHR
application/json 18.158.192.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.24.1&referrer=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&tmax=2000

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.158.192.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-192-160.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 13:56:51 GMT
accept-ch: sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 452 B
846 B 182ms
136ms XHR
application/json 63.35.80.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1662472611722&to=0&aun=MAD_INLINE&gpid=%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail&pubId=13797&pi=3&maxw=300&maxh=250&si=217149&bf=300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.24.1%22%7D&ogu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ns=9523
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.80.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-80-4.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c5c3eaa0e236da596b6942aafc79ac79850bed858e1ceb9acf17421339f9551d

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 452 B
845 B 246ms
200ms XHR
application/json 63.35.80.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1662472611723&to=0&aun=MAD_HEADER&gpid=%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail&t=ryx2glbx&pi=3&maxw=970&maxh=250&si=113230&bf=970x250%2C728x90%2C970x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.24.1%22%7D&ogu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ns=9523
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.80.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-80-4.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8f727e82890c7c9073d2d2e997e10c0d69a4bb7dfc92586368157a35f22f79b4

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 200 adreq Show response
ads.servenobid.com/ 405 B
556 B 78ms
33ms XHR
application/json 3.248.153.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=8679
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.153.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-153-68.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 757c81ac1fd77c27e6384764d8e87f1eb91d72e5eb59843cf7bccc3bb34b2174

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.fox13now.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
390 B 323ms
91ms XHR
application/json 159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 42

POST hb
ssc.33across.com/api/v1/ 0
0

GET
H2 200 arj Show response
ewscripps-d.openx.net/w/1.0/ 73 B
145 B 54ms
25ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ec2b1bfc-1cc3-442d-b081-5b74999391e0&nocache=1662472611726&aus=970x250%2C728x90%2C970x90&divids=MAD_HEADER&aucs=%252F6088%252Fssp.kstu%252Fnews%252Flocal_news%252Fdetail&auid=544041554
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 2814434f2d8063f98b92a9c0c25629d00b5c11edee3c6fd97025377b2636d301

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.fox13now.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 21 KB
13 KB 209ms
190ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e91f910eed851de0ff9ddfe94eb4e2990db0a03d74fb8671679a29527a219e85

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 06 Sep 2022 13:56:51 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.141; 178.162.209.141; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 30af7162-7162-4622-bd40-755dba005eb3
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.fox13now.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 300 B
485 B 152ms
17ms XHR
application/json 2a02:fa8:8806:20::2100
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 447ac9d5774713719cfedb0bbfff12822e14c9514c6fef11d833e5c75f34649f

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 13:56:51 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 300
expires: 0

GET
H2 200 imp.gif
flint.defybrick.com/tracker/ 43 B
79 B 92ms
92ms Image
image/gif 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e00136cecc332e8418b9c9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714493d6516dfd78ade6d3e3471ebd4988bd39e821d861c45085052aae2d05f91e46042ccf5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82c1d08f77f6aa999117aefd8f964ec57a917f0dd07c74cccd17cc22a2984db7299779ac0e1f2dbe9b5112fff7eb1bcf22c503dbed26796b613b3174000d40c5b82d1d59d81b2c527df21d6deedc85ec54d5814aa5f0ddbcec01f758bb327fb05b3c14bcd25ab2b4348509f35e40d8cc4fa25eb876a9c4ca7c19ccc7780191c2de84b011f7a446494fd6fb95098cd8a2be89262e88161d48fe8fd73c0bce04a773388e2504ad0ba055909e4ebad23e06bc2b441abbf33e525e664880293459eb535c70778b2b3ca3f7c2227567b57184fb8fd9e388710bd4452516bade50c80c60a06fda4cdf8e07ec886e7e09bf9adf6574c3efd5b85b5507280466d07ca655d7070eb7daf7205dfe8c767967dd4238bb731cbb80ff4671d7232086e67e9d2f8c96e695f9b0457d082cbb1b4d64146cbf2fb28d4bc2c3e86964b623eeb9b9d1464e23b971cdf08e93fd6&cb=1662472611767&cri=t8I4vDDR9D
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 13:56:51 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-length: 43
content-type: image/gif

GET
H2 200 get Show response
odb.outbrain.com/utils/ 40 KB
8 KB 153ms
123ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&idx=0&rand=7573&key=NANOWDGT01&widgetJSId=AR_11&va=true&et=true&format=html&adblck=false&abwl=false&clss=X5GH8%2Fo1WiZtGUg6pIKFyqpxzzgmFIPKYbDpur49YyXKRlYCdaaW0AoLivLbwPp%2BZoeMcv%2B8hRaPZ0bT&px=325&py=2742&vpd=1542&cw=610&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000874&sig=ACeCm1R9&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 28342c538861f824c13b221abba967c6b32b77d8cf04801b37d0a6c52229c3a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1662472612.803200,VS0,VE115
accept-ranges: bytes
x-served-by: cache-lga21973-LGA, cache-fra19165-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: c823f2c2fb10c3252f650b4e4512068a
content-encoding: gzip
content-length: 7841
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 blockedDomains_7.bin Show response
lit.connatix.com/08d73d33-9bb5-9b21-f035-1721d593115a/ Frame 5B6A 104 B
339 B 72ms
23ms XHR
application/octet-stream 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lit.connatix.com/08d73d33-9bb5-9b21-f035-1721d593115a/blockedDomains_7.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7b491b7e75f58ce5c0d60bcdf9f0da01d082df493a739458ca0d733795877ebb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: gzip
last-modified: Wed, 04 May 2022 14:04:38 GMT
age: 10799439
etag: "07bbfe91d7886a5178aa8cbc65cdd250"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 101

GET
H2 200 insights.bin Show response
ins.connatix.com/df1f7fdf76884268b7ec61841c4afa1f/ Frame 5B6A 144 B
353 B 179ms
129ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/df1f7fdf76884268b7ec61841c4afa1f/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d1f9c5c64d175a8bc389afa09401c72262f33961d56241d00902c2a397eac4e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: gzip
last-modified: Sat, 30 Apr 2022 20:36:34 GMT
age: 376179
etag: "5d0f23b2700a2d2ff3e3f3fc4cba4e1f"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 116

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 476ms
90ms XHR
application/json 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1662472611927&sessionId=f6a34fa7-f2d7-c064-b195-bac224404e7c&url=www.fox13now.com&cheqSource=1&cheqEvent=0&exitReason=4&message=X5GH8%2Fo1WiZtGUg6pIKFyqpxzzgmFIPKYbDpur49YyXKRlYCdaaW0AoLivLbwPp%2BZoeMcv%2B8hRaPZ0bT&pvId=ac94dabab538c46cfe79b7d5213a4bc3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Sep 2022 13:56:52 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 641098159fff5a262a28e32badc1d307
Content-Length: 4
Expires: 0

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 19ms
19ms Image
image/png 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
last-modified: Sun, 03 Jul 2022 06:49:40 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1656855974.293667"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Thu, 06 Oct 2022 13:56:51 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 20ms
20ms Image
image/svg+xml 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
last-modified: Sun, 03 Jul 2022 06:49:40 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1656855957.074767"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Thu, 06 Oct 2022 13:56:51 GMT

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 465ms
89ms Fetch
application/json 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=ac94dabab538c46cfe79b7d5213a4bc3&pvId=ac94dabab538c46cfe79b7d5213a4bc3&sid=848723&pid=38984&idx=0&wId=339&pad=0&org=0&tm=678&eT=0&cnsnt=no_consent&widgetWidth=610&widgetHeight=27&widgetX=325&widgetY=2742&wRV=2000874&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=1&rtt=158&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Sep 2022 13:56:52 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: edd66481685367c9120547ebb1099e96
Content-Length: 4
Expires: 0

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000874/module/ 38 KB
14 KB 20ms
20ms Script
application/x-javascript 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000874/module/streamFeed.js?e=1
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d542f80e9048b08b7ef8009c5f888ed2365f42b20543a15b4457d067e2ae4a8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: gzip
last-modified: Sun, 04 Sep 2022 10:17:41 GMT
server: AkamaiNetStorage
etag: "69f504dc48aafc74d37b60e93d71c404:1662288472.235852"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 14141
expires: Tue, 06 Sep 2022 17:56:51 GMT

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 15 KB
3 KB 342ms
304ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&settings=true&recs=true&widgetJSId=AR_11&key=NANOWDGT01&version=2000874&apv=false&sig=ACeCm1R9&format=html&rand=12795&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=YWM5NGRhYmFiNTM4YzQ2Y2ZlNzliN2Q1MjEzYTRiYzM=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=no_abtest&clss=X5GH8%2Fo1WiZtGUg6pIKFyqpxzzgmFIPKYbDpur49YyXKRlYCdaaW0AoLivLbwPp%2BZoeMcv%2B8hRaPZ0bT&dpr=1&cw=610&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&rw=CR_12
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e14412d15881b4b0edfd0ceb9910b602b20100c5e2dd48e26203ced5704efd8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:52 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1662472612.007750,VS0,VE288
accept-ranges: bytes
x-served-by: cache-lga21939-LGA, cache-fra19165-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: eb61384317f5fa54dbb6f824054ff760
content-encoding: gzip
content-length: 2717
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK sr Show response
capi-tier-1-us-east-2.connatix.com/tr/ Frame 5B6A 0
317 B 815ms
453ms XHR
application/x-protobuf 18.219.108.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-1-us-east-2.connatix.com/tr/sr?v=180443
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.108.29 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-108-29.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 06 Sep 2022 13:56:52 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 5B6A 376 KB
126 KB 83ms
25ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128229
x-xss-protection: 0
expires: Tue, 06 Sep 2022 13:56:52 GMT

GET
H2 200 d4d65961-e9da-4b52-bd4e-06d88852b841.bin Show response
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ Frame 5B6A 7 KB
1 KB 26ms
12ms XHR
application/octet-stream 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/d4d65961-e9da-4b52-bd4e-06d88852b841.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 487dac5479175152da0746d331187b75f919b2b797b206ea5f44877b37fa6f2a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:52 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2022 02:18:07 GMT
age: 41842
etag: "2fb5b4b2d72aea63dc520123ea219647"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 1279

POST
H/1.1 200
OK ao Show response
capi-tier-1-us-east-2.connatix.com/tr/ Frame 5B6A 0
317 B 453ms
113ms XHR
application/x-protobuf 18.219.108.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-1-us-east-2.connatix.com/tr/ao?v=180443
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.108.29 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-108-29.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK g Show response
capi-tier-1-us-east-2.connatix.com/rtb/ Frame 5B6A 478 B
676 B 523ms
202ms XHR
application/x-protobuf 18.219.108.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-1-us-east-2.connatix.com/rtb/g?v=180443
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.108.29 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-108-29.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: 602498373dd83e289bd8450e4166abb1c9cb7088465d47d33ba2018fb2a36ca1

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 378

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
494 B 71ms
71ms XHR
text/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&pid=mcmOvd4utLace&cb=2&ws=1600x1200&v=22.8.252032&t=2000&slots=%5B%7B%22id%22%3A%22Connatix_Instream_Video%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-213.vie50.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:52 GMT
via: 1.1 af4c7c5690ef99c2d2945817a4e41504.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: KJZX32KQPE6HJYC5FSEP
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: iSilPjrOjXq35FMBdV7eKkfwFpi9AHJ-w8KUSd7cAWSL1jp0uxQsIQ==

POST
H/1.1 200
OK ps Show response
capi-tier-1-us-east-2.connatix.com/tr/ Frame 5B6A 0
317 B 451ms
115ms XHR
application/x-protobuf 18.219.108.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-1-us-east-2.connatix.com/tr/ps?v=180443
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.108.29 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-108-29.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 06 Sep 2022 13:56:51 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 d6d729e7-6c94-49c8-ab2d-656dcfffa237.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 34 KB
33 KB 60ms
52ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/d6d729e7-6c94-49c8-ab2d-656dcfffa237.jpg?crop=600:410,smart&width=600&height=410&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5c03f45c8f7db59ce010818141dbc2bc62e6ff926c56cfb00922cab29582550c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:52 GMT
content-encoding: br
age: 41841
etag: "lRk1M3NwHtAI4nJADItlvQxycVdwHL8ZqTDqZMvhw70"
access-control-max-age: 86400
fastly-io-info: ifsz=238320 idim=1920x1080 ifmt=jpeg ofsz=34360 odim=600x410 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 33980

GET
H2 200 d6d729e7-6c94-49c8-ab2d-656dcfffa237.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 29 KB
29 KB 58ms
50ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/d6d729e7-6c94-49c8-ab2d-656dcfffa237.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d4eb51c6a13c68901deb32265b76816b0a865d625a8ce4f3917012bda3bc09db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:52 GMT
content-encoding: br
age: 41841
etag: "1xEfzw1rDPKQbhk50wXNu+nrM4fnymcNEKaFn4hOJPc"
access-control-max-age: 86400
fastly-io-info: ifsz=238320 idim=1920x1080 ifmt=jpeg ofsz=29741 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 29365

GET
H2 200 50ddd1db-5643-4d1f-af17-b0ebbac14373.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 25 KB
24 KB 60ms
52ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/50ddd1db-5643-4d1f-af17-b0ebbac14373.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bbe6892adb45348a26af61da63e329a2388e1e33262635537524d4a39222da19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:52 GMT
content-encoding: br
age: 41841
etag: "tYBS3Q8LQhwCaBmE5diMlYTtD0zhy/89dlaGq8XmnHA"
access-control-max-age: 86400
fastly-io-info: ifsz=74835 idim=1280x720 ifmt=jpeg ofsz=25744 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 24719

GET
H2 200 de030b7f-a886-4a68-9c62-b7b6907c9674.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 26 KB
26 KB 58ms
50ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/de030b7f-a886-4a68-9c62-b7b6907c9674.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 047112d270d9aeb32c71f83d6ef8649b95821a28484eb7b0b3bdb78b69060df0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:52 GMT
content-encoding: br
age: 41841
etag: "csO57wsrG4ebye8K0o28+Em0adWMwTwoH6+SFQj/Eno"
access-control-max-age: 86400
fastly-io-info: ifsz=228667 idim=1920x1080 ifmt=jpeg ofsz=26827 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 26478

GET
H2 200 bbba8612-8be0-4dba-8c77-1b42bf71e421.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 22 KB
21 KB 59ms
52ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/bbba8612-8be0-4dba-8c77-1b42bf71e421.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 254ad0a2f10a103ea9d7a144a2c69ab341811605ea30814c33f69bd2e75912c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:52 GMT
content-encoding: br
age: 41841
etag: "aSq77Np4+7TaCLhcUqZAu/QyFO/eaPF7TIbLw5cg0FA"
access-control-max-age: 86400
fastly-io-info: ifsz=69253 idim=1280x720 ifmt=jpeg ofsz=22813 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 21598

GET
H2 200 a084666e-8fac-462d-8be6-74340530b016.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 25 KB
24 KB 81ms
74ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/a084666e-8fac-462d-8be6-74340530b016.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 282dd56d934fcb6d681b35999f91b112b166fde9330e400ea349a0d6cc27173e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:52 GMT
content-encoding: br
age: 41841
etag: "MavelQFkvIiYKR4yoZkqT7sDctEU8W4gmlyo3D30G8g"
access-control-max-age: 86400
fastly-io-info: ifsz=184473 idim=1920x1080 ifmt=jpeg ofsz=25519 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 24900

GET
H2 206 6cce1c85-c899-4671-8534-e1e4c5882fad_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 1 MB
0 35ms
35ms Media
video/mp4 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/6cce1c85-c899-4671-8534-e1e4c5882fad_360_h264.mp4
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 06 Sep 2022 13:56:52 GMT
last-modified: Tue, 06 Sep 2022 02:13:59 GMT
age: 41841
etag: "21e625238e144b524cf8cb797cf353ec"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-1345927/1345928
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1345928

GET
H2 206 81614a79-80d4-4325-aea0-51af14bf47b3_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 714 KB
0 35ms
35ms Media
video/mp4 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/81614a79-80d4-4325-aea0-51af14bf47b3_360_h264.mp4
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 06 Sep 2022 13:56:52 GMT
last-modified: Tue, 06 Sep 2022 02:18:06 GMT
age: 41841
etag: "fe8a5247f7c8eaa6410fd578af506de3"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-1282350/1282351
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1282351

GET
H2 206 5e77b6ae-a785-4ceb-91eb-84286faee04c_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 485 KB
0 34ms
34ms Media
video/mp4 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/5e77b6ae-a785-4ceb-91eb-84286faee04c_360_h264.mp4
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 06 Sep 2022 13:56:52 GMT
last-modified: Tue, 06 Sep 2022 02:15:54 GMT
age: 41841
etag: "4251b2dc1a5efdf4a4b356c4943de954"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-1369554/1369555
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1369555

GET
H2 206 dc632534-4ba6-445c-97de-f50b6115dbb6_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 64 KB
0 79ms
78ms Media
video/mp4 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/dc632534-4ba6-445c-97de-f50b6115dbb6_360_h264.mp4
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 06 Sep 2022 13:56:52 GMT
last-modified: Tue, 06 Sep 2022 02:13:22 GMT
age: 41841
etag: "998cf42a9a3b6f040d88168eef313d54"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-1198404/1198405
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1198405

GET
H2 206 ef811fae-ecd2-43ec-b1c4-f05a20417360_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 80 KB
0 78ms
77ms Media
video/mp4 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ef811fae-ecd2-43ec-b1c4-f05a20417360_360_h264.mp4
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 06 Sep 2022 13:56:52 GMT
last-modified: Tue, 06 Sep 2022 02:13:40 GMT
age: 41841
etag: "c9e6d50e7e9b7d263ab7c11122d2e401"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-1398486/1398487
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1398487

GET
H3 200 bridge3.528.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 644F 637 KB
206 KB 71ms
31ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 99459
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210604
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Sep 2022 10:19:13 GMT
expires: Tue, 05 Sep 2023 10:19:13 GMT
last-modified: Mon, 29 Aug 2022 20:41:35 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 5B6A 44 KB
17 KB 122ms
29ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Sep 2022 13:56:52 GMT

GET
H3 200 bridge3.528.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9CCF 637 KB
206 KB 33ms
31ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 99459
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210604
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Sep 2022 10:19:13 GMT
expires: Tue, 05 Sep 2023 10:19:13 GMT
last-modified: Mon, 29 Aug 2022 20:41:35 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.528.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8D65 637 KB
206 KB 62ms
61ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 99459
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210604
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Sep 2022 10:19:13 GMT
expires: Tue, 05 Sep 2023 10:19:13 GMT
last-modified: Mon, 29 Aug 2022 20:41:35 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 206 dc632534-4ba6-445c-97de-f50b6115dbb6_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 416 KB
0 59ms
59ms Media
video/mp4 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/dc632534-4ba6-445c-97de-f50b6115dbb6_360_h264.mp4
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range: bytes=65536-

Response headers

date: Tue, 06 Sep 2022 13:56:52 GMT
last-modified: Tue, 06 Sep 2022 02:13:22 GMT
age: 41841
etag: "998cf42a9a3b6f040d88168eef313d54"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 65536-1198404/1198405
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1132869

GET
H2 206 ef811fae-ecd2-43ec-b1c4-f05a20417360_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 208 KB
0 55ms
55ms Media
video/mp4 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ef811fae-ecd2-43ec-b1c4-f05a20417360_360_h264.mp4
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range: bytes=65536-

Response headers

date: Tue, 06 Sep 2022 13:56:52 GMT
last-modified: Tue, 06 Sep 2022 02:13:40 GMT
age: 41841
etag: "c9e6d50e7e9b7d263ab7c11122d2e401"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 65536-1398486/1398487
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1332951

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 183ms
94ms XHR
application/json 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1662472612315&sessionId=f6a34fa7-f2d7-c064-b195-bac224404e7c&url=www.fox13now.com&cheqSource=1&cheqEvent=0&exitReason=4&message=X5GH8%2Fo1WiZtGUg6pIKFyqpxzzgmFIPKYbDpur49YyXKRlYCdaaW0AoLivLbwPp%2BZoeMcv%2B8hRaPZ0bT&pvId=ac94dabab538c46cfe79b7d5213a4bc3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Sep 2022 13:56:52 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 76f97a64101f44a0a96aa6e7d35a146f
Content-Length: 4
Expires: 0

GET
H2 200 singleAnimationOnFeed.js Show response
widgets.outbrain.com/nanoWidget/2000874/module/ 503 B
811 B 21ms
18ms Script
application/x-javascript 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000874/module/singleAnimationOnFeed.js?e=1
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 36404e38218b616b01d536bf0a7ef92668438a5b1cc7c60dc633f6d4ed814b5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:52 GMT
last-modified: Sun, 04 Sep 2022 10:17:41 GMT
server: AkamaiNetStorage
etag: "d0c15ad116cb243bd06bc5cc16d110f2:1662288467.984051"
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 503
expires: Tue, 06 Sep 2022 17:56:52 GMT

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 178ms
91ms Fetch
application/json 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=aea128e457e0d16ee65c0cc6f6e6bfb7&pvId=ac94dabab538c46cfe79b7d5213a4bc3&sid=848723&pid=38984&idx=2&wId=974&pad=0&org=0&tm=1061&eT=0&cnsnt=no_consent&widgetWidth=610&widgetHeight=0&widgetX=325&widgetY=3238&wRV=2000874&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=346&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Sep 2022 13:56:52 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 7108f7d6c36c7d660186e924d7b39ff0
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 273ms
94ms XHR
application/json 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1662472612318&sessionId=f6a34fa7-f2d7-c064-b195-bac224404e7c&url=www.fox13now.com&cheqSource=1&cheqEvent=0&exitReason=4&message=X5GH8%2Fo1WiZtGUg6pIKFyqpxzzgmFIPKYbDpur49YyXKRlYCdaaW0AoLivLbwPp%2BZoeMcv%2B8hRaPZ0bT&pvId=ac94dabab538c46cfe79b7d5213a4bc3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Sep 2022 13:56:52 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 24e16674fd4a49a4b58ed61e3231a39c
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 273ms
93ms Fetch
application/json 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=97b8e0eb170d3e2fe3076e618935509e&pvId=ac94dabab538c46cfe79b7d5213a4bc3&sid=848723&pid=38984&idx=3&wId=975&pad=0&org=0&tm=1064&eT=0&cnsnt=no_consent&widgetWidth=610&widgetHeight=0&widgetX=325&widgetY=3238&wRV=2000874&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=346&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Sep 2022 13:56:52 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 564f45cffe84038e7bf6c9f3c4a4e50c
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 357ms
89ms XHR
application/json 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1662472612319&sessionId=f6a34fa7-f2d7-c064-b195-bac224404e7c&url=www.fox13now.com&cheqSource=1&cheqEvent=0&exitReason=4&message=X5GH8%2Fo1WiZtGUg6pIKFyqpxzzgmFIPKYbDpur49YyXKRlYCdaaW0AoLivLbwPp%2BZoeMcv%2B8hRaPZ0bT&pvId=ac94dabab538c46cfe79b7d5213a4bc3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Sep 2022 13:56:52 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 2ee52a19109f2bfaef09c083bc7a2fd6
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 357ms
89ms Fetch
application/json 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=819e8c4613455e08a2241c9c7ee48c70&pvId=ac94dabab538c46cfe79b7d5213a4bc3&sid=848723&pid=38984&idx=4&wId=974&pad=0&org=0&tm=1065&eT=0&cnsnt=no_consent&widgetWidth=610&widgetHeight=0&widgetX=325&widgetY=3238&wRV=2000874&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=346&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Sep 2022 13:56:52 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: abccb98f0473064e057c096677bc12fb
Content-Length: 4
Expires: 0

GET
H2 200 checksync.php Show response
hbx.media.net/ Frame 8B4F 28 KB
10 KB 223ms
222ms Document
text/html 2.21.184.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/checksync.php?cid=8CU6Q6626&cs=1&cv=37&hb=1&prvid=261%2C3007%2C2034%2C3017%2C79%2C3012%2C29%2C339%2C147%2C246%2C97%2C203%2C326%2C108%2C23%2C273%2C3018%2C117%2C71%2C96%2C38%2C141%2C2030%2C251%2C178%2C3016%2C102%2C229%2C59%2C201%2C2026%2C226%2C159%2C238%2C58%2C54%2C3010%2C126%2C175%2C2027%2C239%2C75%2C106%2C80&vsSync=1&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU6Q6626&version=5.1&dn=www.fox13now.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.184.22 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-184-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

03c3c575244d626f8f7c1ef87d40b40fdef2c9a5231117e098de1ad7078263f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9961
content-type: text/html; charset=UTF-8
date: Tue, 06 Sep 2022 13:56:52 GMT
expires: Thu, 08 Sep 2022 13:56:52 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 206 ef811fae-ecd2-43ec-b1c4-f05a20417360_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 64 KB
0 9ms
9ms Media
video/mp4 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ef811fae-ecd2-43ec-b1c4-f05a20417360_360_h264.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range: bytes=262144-

Response headers

date: Tue, 06 Sep 2022 13:56:52 GMT
last-modified: Tue, 06 Sep 2022 02:13:40 GMT
age: 41841
etag: "c9e6d50e7e9b7d263ab7c11122d2e401"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 262144-1398486/1398487
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1136343

POST
H/1.1 200
OK g Show response
capi-tier-1-us-east-2.connatix.com/rtb/ Frame 5B6A 0
317 B 103ms
103ms XHR
application/x-protobuf 18.219.108.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-1-us-east-2.connatix.com/rtb/g?v=180443
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.108.29 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-108-29.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 06 Sep 2022 13:56:52 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 log
c21lg-d.media.net/ Frame 8B4F 35 B
194 B 208ms
162ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=1&vsid=3054742121492549000V10&origin=1&flt=0&pvgid[]=data-p&pvgid[]=data-b&pvgid[]=data-t&pvgid[]=data-sov&pvgid[]=data-r1&pvgid[]=data-pb&pvgid[]=data-xu&pvgid[]=data-tx&pvgid[]=data-bs&pvgid[]=data-c&pvgid[]=data-ct
Requested by: Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CU6Q6626&cs=1&cv=37&hb=1&prvid=261%2C3007%2C2034%2C3017%2C79%2C3012%2C29%2C339%2C147%2C246%2C97%2C203%2C326%2C108%2C23%2C273%2C3018%2C117%2C71%2C96%2C38%2C141%2C2030%2C251%2C178%2C3016%2C102%2C229%2C59%2C201%2C2026%2C226%2C159%2C238%2C58%2C54%2C3010%2C126%2C175%2C2027%2C239%2C75%2C106%2C80&vsSync=1&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-23.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hbx.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 13:56:52 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Tue, 06 Sep 2022 13:56:52 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 86ms
23ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.fox13now.com

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Sep 2022 13:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 73ms
24ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.fox13now.com

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Sep 2022 13:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
17 KB 394ms
393ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3737824374582174&correlator=2249958888793519&eid=31069203%2C31069228%2C31069288%2C31069313%2C31069332&output=ldjh&gdfp_req=1&vrg=2022090101&ptt=17&impl=fifs&iu_parts=6088%2Cssp.kstu%2Cinview-bottom%2Cnews%2Clocal_news%2Cdetail&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2F4%2F5&prev_iu_szs=728x90%2C300x600%7C300x250&ifi=1&adks=173361388%2C3237403784&sfv=1-0-38&fsapi=false&prev_scp=categories%3Dhomepage%2520showcase%252Clocal%2520news%252Cinstagram%26pt%3Ddetail%252Cfalse%26fname%3Dbillionaire-utahn-to-give-away-90-of-his-wealth%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dnews%252Flocal_news%252Fdetail%26refresh%3D0%26temp%3D70-79%26amznbid%3D2%26amznp%3D2%7Ccategories%3Dhomepage%2520showcase%252Clocal%2520news%252Cinstagram%26pt%3Ddetail%252Cfalse%26fname%3Dbillionaire-utahn-to-give-away-90-of-his-wealth%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dnews%252Flocal_news%252Fdetail%26refresh%3D0%26temp%3D70-79%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1662472613206&lmt=1662472613&dlt=1662472610816&idt=842&adxs=-12245933%2C975&adys=-12245933%2C936&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&frm=20&vis=1&psz=1600x0%7C300x30&msz=1600x-1%7C300x30&fws=644%2C4&ohw=1600%2C1070&ga_vid=809085808.1662472611&ga_sid=1662472613&ga_hid=224415422&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0bb1cf1744be64c3bfe31ee3a4ab897dfce69f149b47d1b77e65ce71567a61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17398
x-xss-protection: 0
google-lineitem-id: -1,6089605362
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138401495438
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 127ms
63ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90945c85490a12e74c00424f08a64f9977401d51e443cf45e7f646e4e4079f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Sep 2022 13:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11115
x-xss-protection: 0

GET
H2 200 container.html Show response
2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1FBC 6 KB
4 KB 121ms
22ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 13:56:53 GMT
expires: Wed, 06 Sep 2023 13:56:53 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 54 KB
13 KB 78ms
78ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3737824374582174&correlator=2930129478502058&eid=31069203%2C31069228%2C31069288%2C31069313%2C31069332&output=ldjh&gdfp_req=1&vrg=2022090101&ptt=17&impl=fifs&iu_parts=6088%2Cssp.kstu%2Cnews%2Clocal_news%2Cdetail&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%2C970x250%7C728x90%7C970x90%7C994x30%7C10x1&ifi=3&adks=1130257580%2C1666007649&sfv=1-0-38&fsapi=false&prev_scp=categories%3Dhomepage%2520showcase%252Clocal%2520news%252Cinstagram%26pt%3Ddetail%252Cfalse%26fname%3Dbillionaire-utahn-to-give-away-90-of-his-wealth%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C2%26au%3Dnews%252Flocal_news%252Fdetail%26refresh%3D0%26temp%3D70-79%26amznbid%3D2%26amznp%3D2%7Ccategories%3Dhomepage%2520showcase%252Clocal%2520news%252Cinstagram%26pt%3Ddetail%252Cfalse%26fname%3Dbillionaire-utahn-to-give-away-90-of-his-wealth%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C2%26au%3Dnews%252Flocal_news%252Fdetail%26refresh%3D0%26temp%3D70-79%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1662472613228&lmt=1662472613&dlt=1662472610816&idt=842&adxs=325%2C-12245933&adys=2151%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C-1&ucis=3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&frm=20&vis=1&psz=610x30%7C1500x0&msz=610x30%7C970x0&fws=4%2C132&ohw=1070%2C1600&ga_vid=809085808.1662472611&ga_sid=1662472613&ga_hid=224415422&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f22eb36f531f8a86b9bfdb5835b700626883ca9ab9b84a4b3cbef9314e021c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13445
x-xss-protection: 0
google-lineitem-id: 6094964047,6094964047
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138402582148,138402140463
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7439 0
0 52ms
51ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxezQgYH4nw1ACEwFISQzKmUqCS7N-KhJ3-p9oSjFBeagvPFrD4ueNCBPPjv60kiK4gmDT7ulMKDxGsnGl47ps8-X2GmTj5H3b2bVDtD7OXSpLIyu22nWen-_TMRU13FPnLf0h7UEkfPtN77GEeI1GpFOKJ0ggJENdJnTvz5MzbIE-E_LzRDNPIXm0a-C62SuWPRy-d5EcYsuA4rmOYlDhp7MV69PXHyAaXtkzlZpMxTjOKSfNrAw2lXE9FctmrwCVtt8tGCyG1hTg0iE1vE4h0spEeJIcgnB58oq33DOuUwhvaTlN_VXX-3N9VMPKVxXCyyVjhcvrPxp1tx0M-g3X_Q&sai=AMfl-YTe9h-dRAqzOqzy3aGnna9IZb-5pGEA7UMO5JwcHXsoULf4-Mf5_b9gP3SFW2JfwsUq2Ni3PcEA7BMdP4rUF1HfvUpFWuPpBBXNrgWLegRYSCetVT_wyJKWFZbT7HVy_A&sig=Cg0ArKJSzO37ODwivMMNEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Sep 2022 13:56:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 06 Sep 2022 13:56:53 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 7439 3 KB
2 KB 56ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 13:56:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7439 142 KB
44 KB 80ms
28ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Sep 2022 13:56:53 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7439 0
0 58ms
24ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT_n56PzRkbZFdzT6r6osfbsBgxoqA0EtSvFdmgF87eoKiL92kwPqNwaNNCWQmX9_Av7T5rMKQHRoSaGC8Z2rOGi4dEAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 12407681855688961723
tpc.googlesyndication.com/simgad/ Frame 7439 81 KB
81 KB 71ms
29ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12407681855688961723

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

101747c1a69596c1600529606c5ff1e36eebc0806696a5af75a77f83bb9c21f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 04:03:02 GMT
x-content-type-options: nosniff
age: 467631
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82694
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 13:34:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Sep 2023 04:03:02 GMT

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 68ms
8ms Preflight 18.195.227.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.227.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-227-5.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.fox13now.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Tue, 06 Sep 2022 13:56:53 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 6d6d25e3-5be4-444b-82ae-a8f0bb892234.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 749D 96 KB
24 KB 19ms
19ms Script
application/javascript 2600:9000:218e:2200:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218e:2200:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b96e6beab93cd979f18edcb11b5b9c620f4cf74e43aa3a2b0406cdbb4739c676

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: 9wKw90O6OLYQVSQjAP8lq5XcV5Wycjaq
content-encoding: br
last-modified: Thu, 14 Jul 2022 18:53:52 GMT
server: AmazonS3
age: 810
etag: W/"1b3451aff703aa6bf4280ce6308cc11c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd596aba0de57f83442d2ebd6b268f4.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Tue, 06 Sep 2022 13:44:49 GMT
x-amz-cf-pop: CDG52-P1
x-amz-cf-id: nFwiQo-oXk8afhOAPynUPoXZntUZN6sep_ppkz-eU33FHSR2lCR7wA==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 749D 0
0 50ms
50ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvSe47B-CUIrMVdyLEQSNhfhnyI4pfjEQo0HwK48gU_DaWhq88LjJcphcihO65K6NzlV3DjcIKnyHLmzrCh_T6zBeNlRTxgobQly9vDodbfDc-zKRXXAr9EJaETtDE972mV_S4CoueKqix9ntnWHWFP-RZTB1Q-T_lX1YWV0GbubV2vGIJKnEFn3W8ZnZYfqva25R4ZJ8ie6wpv9GZn_VwZ1tMjdxev3HBgTamVZB3KOpSkCgDxqIEyk0co4g6aPJgNCzBB7D3PPzuGCs8wvWpy8yMuWr1B-YD8n47fnAbBJBV-ODZj_fPVkhVTdOQ0uznFdHbO1QtbrALIY7Pv_E_eA&sai=AMfl-YTSeZxKkovVFjOC0cqcIaJ5RS4VSfpcVUN9xaspdWiJj2GGxToab11bPDn3vp80hCYOo3tVT7Cu-E_D7vSHQTkOXK9aw3RscbJiNimH5NsiEg134w_B_k2R1ThQ5S3CFg&sig=Cg0ArKJSzGpTm0FEQR6LEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Sep 2022 13:56:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 06 Sep 2022 13:56:53 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 749D 3 KB
1 KB 47ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 13:56:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 749D 142 KB
44 KB 92ms
50ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Sep 2022 13:56:53 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 749D 0
0 46ms
21ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS6vEKEsUfqLLSc34Wwe6_h9YQGW1iknCHsMl8tYQaF-ZLC5eqdTUtqmFLHNbPs2VAqP2LUlSCEesMNAPjocglC1yVHzg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 4424216533791905186
tpc.googlesyndication.com/simgad/ Frame 749D 128 KB
129 KB 47ms
16ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4424216533791905186

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

318105032b521ca177fd1918c5f40e00315f3b6498bd320c3c62021aaa368c51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 14:21:12 GMT
x-content-type-options: nosniff
age: 430541
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131557
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 13:34:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Sep 2023 14:21:12 GMT

POST
H2 202 event Show response
prebid-a.rubiconproject.com/ 61 B
225 B 8ms
8ms XHR
application/json 18.195.227.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.227.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-227-5.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 06 Sep 2022 13:56:53 GMT
content-length: 61
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 75ms
58ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Sep 2022 13:56:53 GMT

GET
H3 202 6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame 749D 0
523 B 143ms
123ms Image
text/plain 2606:4700:3030::6815:251b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=913098
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKQ0B9i6rYgpCrcmaeGqfXe0O6GzitqjwSxsplKeMHU4SQGSTvydFIj%2BhNS3Pu5rt8tmcjEKtRsXJ6n8TQO9FAUZR7hgT3YVxtNfm3dIOX3b7hFFSuwk9wDLAzjDv2%2FW9yyK54%2BnVKrNCPzRGuD%2Fb2reuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 7467b5e9bbef9091-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: FxJKCKY8JsPAsYUAs4Ih

GET
BLOB 200
OK 5e117a87-48bf-41c0-82a1-b4941765b4c3
https://www.fox13now.com/ Frame 749D 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.fox13now.com/5e117a87-48bf-41c0-82a1-b4941765b4c3
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2E86 13 KB
5 KB 43ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 932
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 13:41:21 GMT
expires: Wed, 06 Sep 2023 13:41:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CD00 783 B
535 B 25ms
25ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f1797c657800e45304a067a5277d2ee67f657eec99e38d291a3b9b34490b10f9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uBj3eyYP_CHR_T2A3aWMLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-uBj3eyYP_CHR_T2A3aWMLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 13:56:53 GMT
expires: Tue, 06 Sep 2022 13:56:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7439 0
0 57ms
56ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstp6IoDqoJPL5jdSakBK0JuTloMqrdgucBJMxKLUMOffdegzso46szDkuq6kC2uvyRRuQBy4PD1YU_MZeHJNAd6tW7EWsqfA68ijb3wwdJBz_jKcTjQFKBBjmCGck2h3lXgcAK8aqu1q2rCahdeIK0GPhhF6JmbGFkw2AWfzTqHr4f6soLFoDDt-JRa2EiLh-7CIAywUJraGAgxi0S1prqToYJa-1b3-EQKzDL_jX69PDDLlJmV6ViI7nlEZ3OG35rO15kfewk4Gu9C8jDiRXJg7bvviZWsnqPsStccSNC7C_SqSz_1oWntljj3M9BzwZGcmUfk6DVuZRNjf0XcHp1J5z2x&sai=AMfl-YTpQJZZc-HCGgJQrFOMSIVco1NRWvmUUprcjwRlfLj8unfT4CVqsCaVWN_rxe8KGrdvTWY-gxcPCMYlT_0km1G_ZCFRm0xbbidWnDpKanp4piOfyqqsicr8kwAb_NctPA&sig=Cg0ArKJSzEbwToiYArvzEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Sep 2022 13:56:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 06 Sep 2022 13:56:53 GMT

GET
DATA 200
OK truncated
/ Frame 7439 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 889b1272b88b89ba7f66018a66ff83775f50ef9427c78e8f5b032eeb5a3de6d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CD00 0
0 83ms
53ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090101&jk=3737824374582174&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 749D 0
0 53ms
52ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-YZGgfUuM_SlsJozyp-5jwFqMKnPUR3T-P597REcMHCgToGt5owUod4lk1zINzehp8oeZg7eTSbdmAi2WzixEEDhDVc7oU4rqik12afuAkYNhURg3vCj_Rktqb_NJ-tH1n6g8gesQn_Pb6X8UyCcEkXNUjyqOMjhJlzJyuJRqicMk-6Qn2WyWNIb4WUep-Hd3zejYZsAbZHJYO-jVU-K0HBN0LeTtNC4-Bw_gaUmy3r4lj8ysPTaF73VI6dI1XRgFKacicTvo3G7IAjAYVzhKe0snb9_lZXcjrftj_K0egTNj373uBw3jmzaBTT0besgfaLFPxwVPlzJ5JiHgmEjGsbd9&sai=AMfl-YRa4L93BOKyuP1ZiQD2Tz4L37zva4uvJ1VYSQtuBuP6z-IS-8y47I63cG72rrreErGEkQirrI1VNrlu_LJSxghlSufzoDQEB6Kjvf3hBFB_DohMeXz5GhUp7DAYSQFQbQ&sig=Cg0ArKJSzBOmCmc9Vd4CEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Sep 2022 13:56:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 06 Sep 2022 13:56:53 GMT

GET
DATA 200
OK truncated
/ Frame 749D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f52cc085c2881067e796c67da49dbde256a8ff8aee64cbb6513c68648c7bdeb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2E86 36 KB
16 KB 23ms
15ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 15:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Sep 2023 15:40:41 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2E86 0
10 B 13ms
13ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7NfoMg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 container.html Show response
2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C54D 6 KB
3 KB 71ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 13:56:53 GMT
expires: Wed, 06 Sep 2023 13:56:53 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 8ms
7ms Preflight 18.195.227.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.227.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-227-5.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.fox13now.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Tue, 06 Sep 2022 13:56:53 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 6d6d25e3-5be4-444b-82ae-a8f0bb892234.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame DB60 96 KB
24 KB 19ms
18ms Script
application/javascript 2600:9000:218e:2200:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218e:2200:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b96e6beab93cd979f18edcb11b5b9c620f4cf74e43aa3a2b0406cdbb4739c676

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: 9wKw90O6OLYQVSQjAP8lq5XcV5Wycjaq
content-encoding: br
last-modified: Thu, 14 Jul 2022 18:53:52 GMT
server: AmazonS3
age: 810
etag: W/"1b3451aff703aa6bf4280ce6308cc11c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd596aba0de57f83442d2ebd6b268f4.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Tue, 06 Sep 2022 13:44:49 GMT
x-amz-cf-pop: CDG52-P1
x-amz-cf-id: Y9Djvi6zaHbqC6b-57fgtTnWq_5i8kBD1wbOmsQbniwDUhyexiQUVw==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DB60 0
0 52ms
50ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOGZb7Rr_NB-K8kRQJHy8InGMYHIj2sbpk_Nyj2KtBv402cGWksEOO6iYCPrI-bPuxyfU2GgI6Lwtxc8P8AoT-_Kr1rXtOYpqyD67qbNUrhzZtX4dGD9aQyqBybSw0_yEv2ywb4N1YlGA4vYh7FRWQ3VeHnbRkgDoVjJJcxw3xJo6NyNKcwocdsDTvl9sZCFwFBAFqdmj8ABKswDqjUpArmYuKD8SvkgswRHKDIpSQnvVsl8rL2PVQAIcYhr349IcbagvW3HH03owswCmeSiCa3XbiGpufJ3uD2_668UWtxt50Xrw_B-BENzqvk9YVV7_5O0LVMGiXK0aSPw2H0R621w&sai=AMfl-YTNx55CRB3fHpqQ55SMQ31D6lHCWMhk1-XBy0oAtWUPTxCKApIXyMoRcO0-hC97DdxPDaqwQmZq3g9YBaMGJQ62X-YRV0XjZRwnHNau5tnyxi9KsD45uCqdvs_Mn8oIdYk&sig=Cg0ArKJSzO7ukY3w9YEAEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Sep 2022 13:56:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame DB60 3 KB
1 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 13:56:16 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DB60 142 KB
44 KB 58ms
27ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Sep 2022 13:56:53 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DB60 0
0 26ms
25ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQKb1FrfyBjO76f9g-p-xReGpcf1nMQVSgNs9WO3R9aZqUY--DyvC9lucmsaihA59SyfyaKBfrYceUyOORja1VU6wSCdQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 3951215186844789456
tpc.googlesyndication.com/simgad/ Frame DB60 131 KB
131 KB 17ms
16ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3951215186844789456

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fc5bf7b4fc55ae6ae3af77867e32aa18d1a6c134289ed0b775cecd21624353b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 04:09:11 GMT
x-content-type-options: nosniff
age: 121662
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133818
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 17:59:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Sep 2023 04:09:11 GMT

POST
H2 202 event Show response
prebid-a.rubiconproject.com/ 61 B
225 B 13ms
13ms XHR
application/json 18.195.227.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.227.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-227-5.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 06 Sep 2022 13:56:53 GMT
content-length: 61
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json

GET
H3 202 6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame DB60 0
487 B 119ms
119ms Image
text/plain 2606:4700:3030::6815:251b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=1036083
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7Vof23iOQsWnQpKR3S8fAbg9UeYt3rXGM9XlIINx1IXlRkOMZHTnL5OhfVDKG6%2FTV5cqNpPsc1FVQk822eMYjJ%2B9ky42HFsnNXjs2N%2BZBAH%2F9aKUyl41OSLOQKXdk2tuPZ2lWlRsqOxlYwi0uk2PWakag%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 7467b5eb5dbc9091-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: FxJKCLWejZ2H56gAfTQi

GET
BLOB 200
OK 3f175fa0-187d-4184-bfd9-1980394f8afa
https://www.fox13now.com/ Frame DB60 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.fox13now.com/3f175fa0-187d-4184-bfd9-1980394f8afa
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
H2 200 6d6d25e3-5be4-444b-82ae-a8f0bb892234.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame C54D 96 KB
24 KB 18ms
17ms Script
application/javascript 2600:9000:218e:2200:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by: Host: 2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com
URL: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218e:2200:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b96e6beab93cd979f18edcb11b5b9c620f4cf74e43aa3a2b0406cdbb4739c676

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: 9wKw90O6OLYQVSQjAP8lq5XcV5Wycjaq
content-encoding: br
last-modified: Thu, 14 Jul 2022 18:53:52 GMT
server: AmazonS3
age: 810
etag: W/"1b3451aff703aa6bf4280ce6308cc11c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfd596aba0de57f83442d2ebd6b268f4.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Tue, 06 Sep 2022 13:44:49 GMT
x-amz-cf-pop: CDG52-P1
x-amz-cf-id: cUDV--0S7tyYCHgAbcImg_8lDZrU2zAi4cYteCyFI4Y_oBKLGKcARg==

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame ABC0 624 B
838 B 94ms
56ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj69fnQATAB&v=APEucNXFfa6kBTGCmfLLsTuY256f6LzyO47BisZTJFSb3ElmE1zSztHgdGcuuDXQIRJ2htLP0jmYj_p1o0G0TNC0QCv40_cJJMMTLOjBNn9DM6xML-fBtkVmS0erqCXHSeJGeK1A8WgB6kybPgeEXoBV9aiSLiWji3S05cxAQEfndyhSuTx5JLk

Requested by

Host: 2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com
URL: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 13:56:53 GMT
expires: Tue, 06 Sep 2022 13:56:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C54D 81 KB
34 KB 101ms
64ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AudA4O7Z7U23Shorm1JLOfmMFjB_V6n8bg9HVTDcQIWTxbMBDyMfRrzvbMYlz3daWlxZcVRMC5Nnyu_2-_hagPJywQHg&cry=1&dbm_d=AKAmf-BvNnRl-5pOnqig0ptjCJBar7RDQyoVMK0VbT98r7RC0cKlXbUGdJ1njEgwQQBUAtqF5SsUGHEA0JWZ9fM0LqQIUfwtGU44WQQ2X0kDdbCKWJ-cWzGjepFBHTdBJBV74viaZlzWjaS688GJYYW1My2ny7w5rp5LqkW5GT0oBBwov1ktuVwtEV42dMdOjtfSl2cMZuCGmoTjQ54Rl-40EAGhRMQFVP46sOovSRDJAEALMsLrqur4Qjn3xJEdB79gjXSH7Xry0uq5AvgL27uxcXC_St9D8EPEzUQASTcxanx4JzGeJ9_hLo8kSVfaMowl1lXZZJQdJjSKeyRcke6D_qBzcGc_VBXrFX_GKGTHbk4BIPAOpRHamyU6MZ_J8Jux_Ai7eVmrnn0pQzvbb68jaoHOCGg-9c0vj6tF7tVPcwMoVD4KK__Zv0sk1qAMGRYyHENt78rSW0KOqiRRqzjV18Np48_C9RlDewFx-augTslBjGkcT1tTlSAMaMOoV6R7nPcnKALExVN2PBqSu6QppRsJaZT9rLeqNc0GDIK2m2zBdvhkE0H-UxMUCLyAn3A0Qhf-WTiNewC68QghKfEG2FtC9utuGs9ntKUwo4NJtWApKtQn6KxQb3obENLpArKpGggBbS7CSj0XebRVOkxIEPCKwCofEUsjqTbFYxjolAeuaG8sRsdhI7AxnvfZTRcVXPa_8YaQRol0BApyiIyaLZR8eE9fM_NlWg9FVeDekmcyCgTqwdusBTkP8L7LUnMBAc9PfsQ1MXZcDLlOJmVvMLOUaT6cmPu3mL6RmDe_PEV6sBIX0VADW-44PyusyIlwRHkLj2fWA3vKd_Bfrc-SKaiPhX_tOr1Cy4FZ86Tg-OlLRzSX7fsNxc45RczIaauk7oWmqIFikHBqKRrnC_JlAaUzagiqdzXdZXdzeFdazQs4L4Dyw_xTaqSNOdteKi-RdZq6PZ3aP2ywgIwfsrtIryM9u1s2DjI725ZewWepgJUvB0MeQ7tpvgBzy5Q_BuO6M_i7WlDna7M7a2bQcybt810LmRiZ31-WafounUXRCjtmqHKILWMFR0xKh1UmCy_7L-W-2YQKPp1RfCPM0K6966JOP0INiBzfGRlANOE4OiZFZV9aQbkkjC7bURjWn8WS_Y5P-Ov7IBDJ6qFLf558LspYIQe9b8LBlrexLwrBK_rFSMOod3d2d5H_B3QzL3MY1HS9O6HLCAltEKbw7Kk1atIj5pGnd_n9jHoWmhDRCBbZP4Ak22pStczHdjjDwlPqBKJJ_R1ED719IZ8XoCOrAELIOrU8L9CyJ9xOKcNTnYKytb_0whh6nzPSBdYtxOPbucC_jr-FHZCfY0UpsfkYTxgI7QwOdBNbQll4Dz9ms7PrgyHCHkqzA_UEjtixsYzx0do4EK_P44SD0DrUhvTbJh69AqdvQJuEUxVndIY7ucasBBM-3DscEcZA2GCY5Mne3_VDShzkweh-U7w6Fd1TaoOzC_pyo-OFUZ6u0gaN_Lbmj0fSbmSUzOYtzO8zrPVnUdXrOXYSoM6m8m4AzWpl6csHXB7ZLEUq5ZuFfx3Y9Z-WcOMgfq-VDEfHNN5e--m6RcIQqjoqlSrZF-dF4Hfm7feq4i6bleavEGI43edFrHm9A0Xurg0aesx9kLLOVXY12OaQO5tMvQawxzQSkxDWHhYnnx2WvuEtrXut6PnJyTf5l7cRlJZ_VcKN8yd9VVMBKJBX_vwl3Ld6bsyaWagmlV8wVWVl-dPi0GTaKqBCnahd2tem1QDGVlE5ZCgdUMSuS_PJQvy_9bwFnj_IXSyamkwEiklU6O-sgefIYrX2azrvydtRKLW-WW8IAtwC1xdwrQ4wTW145LQLU-JojxE26qLlsKKb2L2qshyz8mXKL0C97snlWYRquQ9JIX8y4MQ4oo5Fj7Ah9TManAP6GuDUbsYVstzBGZPjE9KAED7iWJHZv73pi8h_s0Rh5yujp4IGrREoRqjSVAzLGxqeuB1UlwjC944KcATjrNLTlcS2JpGjpQx2kS5ybhrk9t-rG60OFcK_egFuIdKzFedF-DLgJGpalKHH5vQSdzd_5CFA4r-ysTLeRUMRWgaMP05ZxA2NLCIERia9arR3vlUufyygbSLaWvsL4jOXuw0WLH4i-KpOeBJTqoLDM477NRyezJWXubYQpj1RzVG2mYs6omiL_sDU5ZflBl5Kq73DAxM7pKmjpaxgF8W938l7eU7y7q7s33WSMhaPazIaRGHlO_9pCZ-5bxx-t4h0MKnJPacXgLms2mIllO4O3ZSc41nVmn9SbrDfj6xN1rFJoRAIRICZ6NFEsVyXXc65-Ol2w6sYQs_WPyWtx6mlLS94lQdnudKabKqme8MmDYLmRt2bnMKOAOwSG6tzd3U0-XtcVGVf2M9ZWAbg5-JiOkY9Sgq9ey1sycegQEtI_uAqCrvZmJQAu9ukHDzS-7yRo1rsznEM4r4tiGOBcewCedSJRdyd1RckqVm1JH1-CWN7p2SAU2pVzl8hOMPdU5_8lSnlXeubeZUEjZDTHcyLQ9brEyc40Yd-0kT1BMaZsGuvZ0ArHkfXBwHh2dUmzR6uzz8rXG9PMLH4gW5HBkaIz3J7yACLPr5OFjXNJlhTyBN5QvfwQHuty6BZV5ggG7YpBjSLlCdX79a23ksTHpzMiEMS5MriC4wGMTefcWh1ueG3vi3TKLHLm7yb77MVB4BEO1WP0ZCI4QNxDOcQq2VV9PtlLN4liJJhHi01qgn2YyZvc0P1QoqYFX2b_HeaAoFNIIz_5oio2X5AyN317W1vLFyOSy8M3NAy7mFwnJ2dF_RPjXlyFfZ9zaaQlGVq8b_0rFEvTr-i1LBzluOzKppj_76iyrR6Iq8x6MCF7Z9E7Ny7vUbuJdH1VfTsIN_FOOgIm4L3fZHuwKiPsh0UuP_1fwsee8sfJGYr0hbdXCnxbwPUxiVofK5SoWMPWbSOVcZ_ayQzGXdtKnshuER8EB4mQrNv-uaqEdfvB8ZZusjdH0PIwzi_TEjx8NoaVLrPLcNQLvWfWXKddV5HDVRdKZhibMqAze7H1uTEuaMY0yhi2pz75PSEkCwrex-V2OujNnf4E-rJlpCvd_3kC5IGY2Wk_kZ4IFLs3WkzEENTamD9l96tnYZHGomecbVIiFBqhHtqLypX4vse8tFLuyv_v4TwUD7B96iSPvtpenDw6qjmLVcrbJxq-SeRtI51JbmAuA&cid=CAASKORoIZ7TC6j6lf5f96Y-qSCS1NrfjwnMrm8xZZNI4UNLhD5c_hao0IY&rfl=1%2Chttps%253A%252F%252Fwww.fox13now.com%252F%240

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0f4d612cc37f2d36ab742573f2a862bae5682ce502d57194da852cc511b656e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 13:56:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34112
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C54D 42 B
63 B 48ms
47ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ATz4IdSUInTHjpXG_ctp7a9d-YryykcID5z9Mphte569ahQVycIIPATD5TZvtF1TybXp-pYfFVLlG4bULsuVn0rlwS0MIBS2kycrK981oymyeDrJE

Requested by

Host: 2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com
URL: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 13:56:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame C54D 3 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com
URL: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 13:56:16 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C54D 142 KB
44 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com
URL: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Sep 2022 13:56:53 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame C54D 17 KB
7 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com
URL: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 13:56:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C54D 0
0 22ms
22ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTNzPRQcvWvIYyf5yI4Hk-65kPTaOyY_7pAkN7WnF1a17b_flp29yTdeSc0bo8wiwN_iJxXXR6zDc9LbMb1jyo7EsrTjQ
Requested by: Host: 2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com
URL: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DB60 0
0 51ms
50ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAIasmDoOebTYq0x-h-37bvZfrBwfV1Pd4Q7Gun0M7CKwozpSmIiotPXdPu4IWPUZLJI_j2riKwSCPsXEn08Xvgdyp-HvBY731nmb4PuCvBagmIKm5D3UEedS1twsk0ZzF1BBPKYrcydB4z9u61Y4F6qLPXuvR_XzJONItQ8UV2VOm5LU2BbC57-xG5VJZtLQ823WzNPVT5-EUORPgjViG8aSSMzv7SPk0JnSxK7CXap3CQJiE1sKMBAWUGSGL5fzFybkur68GoUvWWM1uM3vqZQg3RhPW1QYZ3YqPgEeqt99DQyFpEjG6Bl1Ay4xTDNJ28MaboAfZtJRQNZTI-7uY-puX&sai=AMfl-YQf5CC8W9Vr3Y_2mDzQDOzSxjVYQcoI4gC2o3mG1vtyeLoYsREyZRWKT5lQBuQmVne8aV7JqBJrXZYmSXKUnF1lVExGK0CDzMz3VwAhg2PCyP5E2smNZkB2r3EwKkT6BjM&sig=Cg0ArKJSzOXvj6zTKGckEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Sep 2022 13:56:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 06 Sep 2022 13:56:53 GMT

GET
DATA 200
OK truncated
/ Frame DB60 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f76eb4002f16fb7e104973e52bc778f324ff7c75c8ebbcdc1d37a0b1e0872ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 202 6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame C54D 0
486 B 121ms
121ms Image
text/plain 2606:4700:3030::6815:251b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=625343
Requested by: Host: 2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com
URL: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GfCPiDqPB4pnqA2mjK2jbAmD4Tywg%2BcrKsKlrJx0DiD6WH9RddgH1mGTS4IcXxlIsmbfKdZhPDuxnHojxEnPXT%2Fikii0GzMNvIOa6uSRH7jkND5P92avXnz4%2Bsee6Gdi1adxVUiFqqSi%2FLPp93jRmb6Og%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 7467b5ebee5d9091-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: FxJKCLrBhvW6RbsABpSi

GET
BLOB 200
OK a385d463-56a9-49dd-89e4-a0c467a3224d
https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/ Frame C54D 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/a385d463-56a9-49dd-89e4-a0c467a3224d
Requested by: Host: 2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com
URL: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame ABC0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIfWaQihLfOgJqKK9QyAr9s&google_cver=1

43 B
844 B

26ms
25ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIfWaQihLfOgJqKK9QyAr9s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj69fnQATAB&v=APEucNXFfa6kBTGCmfLLsTuY256f6LzyO47BisZTJFSb3ElmE1zSztHgdGcuuDXQIRJ2htLP0jmYj_p1o0G0TNC0QCv40_cJJMMTLOjBNn9DM6xML-fBtkVmS0erqCXHSeJGeK1A8WgB6kybPgeEXoBV9aiSLiWji3S05cxAQEfndyhSuTx5JLk
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7467b5eccdb5bbf5-FRA
pragma: no-cache
date: Tue, 06 Sep 2022 13:56:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYJucZ%2FVVHpyQlTDVPZo25%2BEFIlxPRm6j8bZQBfwwKDI8fFLltTg2lE0KtNfBFqaPJ338wb5P8FHITK8VTYMfDSXlISUSIKTE25KFvm0cJuDIjZto%2BWtBZTPEhebtjGDUpwZmhlB6oHxjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Sep 2022 13:56:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIfWaQihLfOgJqKK9QyAr9s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame ABC0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxdRpeBRLNHHlArp8vA1-AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIfWaQihLfOgJqKK9QyAr9s&google_cver=1

43 B
841 B

21ms
21ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIfWaQihLfOgJqKK9QyAr9s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj69fnQATAB&v=APEucNXFfa6kBTGCmfLLsTuY256f6LzyO47BisZTJFSb3ElmE1zSztHgdGcuuDXQIRJ2htLP0jmYj_p1o0G0TNC0QCv40_cJJMMTLOjBNn9DM6xML-fBtkVmS0erqCXHSeJGeK1A8WgB6kybPgeEXoBV9aiSLiWji3S05cxAQEfndyhSuTx5JLk
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7467b5ed3e69bbf5-FRA
pragma: no-cache
date: Tue, 06 Sep 2022 13:56:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74EjK5Cl5O3z1lH80%2FwhwlgKDVwFNdAT652I5LIEMyKQB2t3lvQbe8LqeR6L5weFovM%2B9hy8oT2Cyz6vKwC3BqZ3EKNc7wy2bxvkkBWqzL6UDjAyYNlawUZYsiCJRwWsYyYSR2z454odbA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Sep 2022 13:56:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIfWaQihLfOgJqKK9QyAr9s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame ABC0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDDp1A0TQ76_nTd0OJTh0BA&google_cver=1

43 B
1020 B

8ms
8ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDDp1A0TQ76_nTd0OJTh0BA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj69fnQATAB&v=APEucNXFfa6kBTGCmfLLsTuY256f6LzyO47BisZTJFSb3ElmE1zSztHgdGcuuDXQIRJ2htLP0jmYj_p1o0G0TNC0QCv40_cJJMMTLOjBNn9DM6xML-fBtkVmS0erqCXHSeJGeK1A8WgB6kybPgeEXoBV9aiSLiWji3S05cxAQEfndyhSuTx5JLk

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Sep 2022 13:56:53 GMT
X-Proxy-Origin: 178.162.209.141; 178.162.209.141; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 40208ed8-d693-4bce-80fa-8635e4c12d39
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Sep 2022 13:56:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDDp1A0TQ76_nTd0OJTh0BA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame ABC0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTIxNzUyMDA4MzUzMTk2NDk4OA%3D%3D

170 B
243 B

51ms
26ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTIxNzUyMDA4MzUzMTk2NDk4OA%3D%3D

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 13:56:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 06 Sep 2022 13:56:53 GMT
X-Proxy-Origin: 178.162.209.141; 178.162.209.141; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 06a6e79a-5d4f-4fb4-bb25-069ad1fb8b2c
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTIxNzUyMDA4MzUzMTk2NDk4OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame C54D 106 KB
37 KB 42ms
13ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/
Origin: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 07:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Sep 2022 07:50:56 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame C54D 8 KB
3 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AudA4O7Z7U23Shorm1JLOfmMFjB_V6n8bg9HVTDcQIWTxbMBDyMfRrzvbMYlz3daWlxZcVRMC5Nnyu_2-_hagPJywQHg&cry=1&dbm_d=AKAmf-BvNnRl-5pOnqig0ptjCJBar7RDQyoVMK0VbT98r7RC0cKlXbUGdJ1njEgwQQBUAtqF5SsUGHEA0JWZ9fM0LqQIUfwtGU44WQQ2X0kDdbCKWJ-cWzGjepFBHTdBJBV74viaZlzWjaS688GJYYW1My2ny7w5rp5LqkW5GT0oBBwov1ktuVwtEV42dMdOjtfSl2cMZuCGmoTjQ54Rl-40EAGhRMQFVP46sOovSRDJAEALMsLrqur4Qjn3xJEdB79gjXSH7Xry0uq5AvgL27uxcXC_St9D8EPEzUQASTcxanx4JzGeJ9_hLo8kSVfaMowl1lXZZJQdJjSKeyRcke6D_qBzcGc_VBXrFX_GKGTHbk4BIPAOpRHamyU6MZ_J8Jux_Ai7eVmrnn0pQzvbb68jaoHOCGg-9c0vj6tF7tVPcwMoVD4KK__Zv0sk1qAMGRYyHENt78rSW0KOqiRRqzjV18Np48_C9RlDewFx-augTslBjGkcT1tTlSAMaMOoV6R7nPcnKALExVN2PBqSu6QppRsJaZT9rLeqNc0GDIK2m2zBdvhkE0H-UxMUCLyAn3A0Qhf-WTiNewC68QghKfEG2FtC9utuGs9ntKUwo4NJtWApKtQn6KxQb3obENLpArKpGggBbS7CSj0XebRVOkxIEPCKwCofEUsjqTbFYxjolAeuaG8sRsdhI7AxnvfZTRcVXPa_8YaQRol0BApyiIyaLZR8eE9fM_NlWg9FVeDekmcyCgTqwdusBTkP8L7LUnMBAc9PfsQ1MXZcDLlOJmVvMLOUaT6cmPu3mL6RmDe_PEV6sBIX0VADW-44PyusyIlwRHkLj2fWA3vKd_Bfrc-SKaiPhX_tOr1Cy4FZ86Tg-OlLRzSX7fsNxc45RczIaauk7oWmqIFikHBqKRrnC_JlAaUzagiqdzXdZXdzeFdazQs4L4Dyw_xTaqSNOdteKi-RdZq6PZ3aP2ywgIwfsrtIryM9u1s2DjI725ZewWepgJUvB0MeQ7tpvgBzy5Q_BuO6M_i7WlDna7M7a2bQcybt810LmRiZ31-WafounUXRCjtmqHKILWMFR0xKh1UmCy_7L-W-2YQKPp1RfCPM0K6966JOP0INiBzfGRlANOE4OiZFZV9aQbkkjC7bURjWn8WS_Y5P-Ov7IBDJ6qFLf558LspYIQe9b8LBlrexLwrBK_rFSMOod3d2d5H_B3QzL3MY1HS9O6HLCAltEKbw7Kk1atIj5pGnd_n9jHoWmhDRCBbZP4Ak22pStczHdjjDwlPqBKJJ_R1ED719IZ8XoCOrAELIOrU8L9CyJ9xOKcNTnYKytb_0whh6nzPSBdYtxOPbucC_jr-FHZCfY0UpsfkYTxgI7QwOdBNbQll4Dz9ms7PrgyHCHkqzA_UEjtixsYzx0do4EK_P44SD0DrUhvTbJh69AqdvQJuEUxVndIY7ucasBBM-3DscEcZA2GCY5Mne3_VDShzkweh-U7w6Fd1TaoOzC_pyo-OFUZ6u0gaN_Lbmj0fSbmSUzOYtzO8zrPVnUdXrOXYSoM6m8m4AzWpl6csHXB7ZLEUq5ZuFfx3Y9Z-WcOMgfq-VDEfHNN5e--m6RcIQqjoqlSrZF-dF4Hfm7feq4i6bleavEGI43edFrHm9A0Xurg0aesx9kLLOVXY12OaQO5tMvQawxzQSkxDWHhYnnx2WvuEtrXut6PnJyTf5l7cRlJZ_VcKN8yd9VVMBKJBX_vwl3Ld6bsyaWagmlV8wVWVl-dPi0GTaKqBCnahd2tem1QDGVlE5ZCgdUMSuS_PJQvy_9bwFnj_IXSyamkwEiklU6O-sgefIYrX2azrvydtRKLW-WW8IAtwC1xdwrQ4wTW145LQLU-JojxE26qLlsKKb2L2qshyz8mXKL0C97snlWYRquQ9JIX8y4MQ4oo5Fj7Ah9TManAP6GuDUbsYVstzBGZPjE9KAED7iWJHZv73pi8h_s0Rh5yujp4IGrREoRqjSVAzLGxqeuB1UlwjC944KcATjrNLTlcS2JpGjpQx2kS5ybhrk9t-rG60OFcK_egFuIdKzFedF-DLgJGpalKHH5vQSdzd_5CFA4r-ysTLeRUMRWgaMP05ZxA2NLCIERia9arR3vlUufyygbSLaWvsL4jOXuw0WLH4i-KpOeBJTqoLDM477NRyezJWXubYQpj1RzVG2mYs6omiL_sDU5ZflBl5Kq73DAxM7pKmjpaxgF8W938l7eU7y7q7s33WSMhaPazIaRGHlO_9pCZ-5bxx-t4h0MKnJPacXgLms2mIllO4O3ZSc41nVmn9SbrDfj6xN1rFJoRAIRICZ6NFEsVyXXc65-Ol2w6sYQs_WPyWtx6mlLS94lQdnudKabKqme8MmDYLmRt2bnMKOAOwSG6tzd3U0-XtcVGVf2M9ZWAbg5-JiOkY9Sgq9ey1sycegQEtI_uAqCrvZmJQAu9ukHDzS-7yRo1rsznEM4r4tiGOBcewCedSJRdyd1RckqVm1JH1-CWN7p2SAU2pVzl8hOMPdU5_8lSnlXeubeZUEjZDTHcyLQ9brEyc40Yd-0kT1BMaZsGuvZ0ArHkfXBwHh2dUmzR6uzz8rXG9PMLH4gW5HBkaIz3J7yACLPr5OFjXNJlhTyBN5QvfwQHuty6BZV5ggG7YpBjSLlCdX79a23ksTHpzMiEMS5MriC4wGMTefcWh1ueG3vi3TKLHLm7yb77MVB4BEO1WP0ZCI4QNxDOcQq2VV9PtlLN4liJJhHi01qgn2YyZvc0P1QoqYFX2b_HeaAoFNIIz_5oio2X5AyN317W1vLFyOSy8M3NAy7mFwnJ2dF_RPjXlyFfZ9zaaQlGVq8b_0rFEvTr-i1LBzluOzKppj_76iyrR6Iq8x6MCF7Z9E7Ny7vUbuJdH1VfTsIN_FOOgIm4L3fZHuwKiPsh0UuP_1fwsee8sfJGYr0hbdXCnxbwPUxiVofK5SoWMPWbSOVcZ_ayQzGXdtKnshuER8EB4mQrNv-uaqEdfvB8ZZusjdH0PIwzi_TEjx8NoaVLrPLcNQLvWfWXKddV5HDVRdKZhibMqAze7H1uTEuaMY0yhi2pz75PSEkCwrex-V2OujNnf4E-rJlpCvd_3kC5IGY2Wk_kZ4IFLs3WkzEENTamD9l96tnYZHGomecbVIiFBqhHtqLypX4vse8tFLuyv_v4TwUD7B96iSPvtpenDw6qjmLVcrbJxq-SeRtI51JbmAuA&cid=CAASKORoIZ7TC6j6lf5f96Y-qSCS1NrfjwnMrm8xZZNI4UNLhD5c_hao0IY&rfl=1%2Chttps%253A%252F%252Fwww.fox13now.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 13:55:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame C54D 30 KB
12 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11778
x-xss-protection: 0
server: cafe
etag: 15541287485089275602
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 13:53:55 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C54D 41 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com
URL: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 367556
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Sep 2023 07:50:57 GMT

GET
DATA 200
OK truncated
/ Frame C54D 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59d66877dcf8e02aeb4c1f780b7b60d3a407ab9f499c88a678f37db008f4111a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6AAC 22 KB
8 KB 13ms
13ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 367556
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 07:50:57 GMT
expires: Sat, 02 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/ Frame 2737 6 KB
2 KB 46ms
16ms Document
text/html 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

412f0f1bf6963baa7ab3cb815bb089c0bde661d3f26bce235d290379ecc54ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 110172
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1883
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Sep 2022 07:20:41 GMT
expires: Tue, 05 Sep 2023 07:20:41 GMT
last-modified: Mon, 08 Aug 2022 14:41:03 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C54D 0
622 B 121ms
58ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOYvk5LqA0ymilD3S61_fn4DMWy-KjzQzvIf5pzhghDQZDMXMgwRA1R425akq7N-yeOWe9dBGX4sKatFH2rNwdnEJf_eiTHRWSMoqSfoHsoTL0cJyO_SiIatwQUdSkYAFcKVULaTAyVVZtxiLXusy053k4WG5zwHmuzs6jbNc-5hgMLD5Saj8NKZEcukCC1_AGCfXh75DoaeU5dWaPpQ1miC4jecJbEtT3gmdbmU-f_j8R655Z61c50IX29deYE_CD6Y4uE1Q5Ero4XPhc5zzh3UMsHAqLk_lIstSDlRYuaXzmNT4BeN5cmvDZd56i6as45U6VXaKjy9WZOAWGqjPBGUyXu1NYL4dfshn8l5poTzvTdKw4-YCECxBW5gF8lCZmdRbHZ-xCgs2IWqI9bN1OIR-v_B0tPfPWMiVfE_VgLbpY5amEBauLEeXA5ecqzGHlvYGwrdghvKN9U4i_skKIzbTluIhQhDZRQhfBCTKV803kXJFKKQU1Tlu_2FerVmzI1ZwG3-xHgAkpESnqyJKlQSa-sXVLwMMIdumGNQ-ewmP_eIWScXt8nWV69aHjVAiIft_0qcqFiaEgZZ5NKU1fIBgeKGbf8dMMvE9GbW7w0MEVqFagY837m9tFK0DTEg-wrtlzrmtywtfnMaV_P6UVS-TbxHlXLnJiZKVH6IeA0v9MOwlKZv2aQOn0fBdBgeKRkaykyvBtHQM9FJqFoO4QBwmFDZtPE3MtSWBHdoCLJzB1BPRCprSh0-PkzzUImzDgW6JcRAz0JiI_2wyi47F-E8swVPQkZNwwghF5pgp7onnsrztcdmXRshU4gg9jWScYC12pFgDpNLYjyEVAORuUK1_3rDu6QS7PkcSJPb52IOhm6dXUMer88cPNadd4q0-7U3zyMRbz5VgjDfRg9zmYKVxhQWX07z6aRGR--Bunu0RUiGLAMYHfhT33Ww79qEaNOxJQzNfRhCJIsh71SDisNvathvYp0d-VDhqsAMDtgliVcLbJHqbS5JbdVabaBbjhxl_zslHHbBP0e14BBww0M6usdRM3j0r6pLKvyFP9g-60SAAvBMzYZ8JVN-0e_PsX8aooLUVQ9MK-s5B-UdKRLgn1cyB3oRDf-j5BLBWS-0j5bqcpp3P_9nvxM5AlviOtuRyRtshPPCTaLGairUZKQ-gyejV8BebqLDPRcDuCsXqtk0djKXu9Wl5azy271JjITwgsLBzCE0WLyZk&sai=AMfl-YSF02XTTuTgKA3XFpOtWb_cxPWEHId0wbLNpMPOjy2yC1eoGCr6B6N7K7ramQacd7pICtgdANDgnkpXxVGu2t1bI5pVjm080Ot__eT6zqXtUS-gvnInBjozizisD2ahwtVvKhijjhxKh34kzK3ayDn6XALLY51tnBu7U7zadOzRLm2VriAlucQQCPxWf5yDDSH-Av3QhjnM0rxBtUkNGw9lkvyBaRHphQ&sig=Cg0ArKJSzOapZbQWir-9EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=58&cbvp=1&cstd=56&cisv=r20220831.24713&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 06 Sep 2022 13:56:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame 6AAC 36 KB
16 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 15:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Sep 2023 15:40:41 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2737 60 KB
24 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Sep 2022 13:56:53 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/js/ Frame 2737 3 KB
880 B 14ms
14ms Script
application/x-javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/js/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e332958dca60b2a19fd275a0f09197eb58c4a6ee296171df4eb067942485f692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 07:20:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 851
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 14:41:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Sep 2023 07:20:42 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C54D 0
63 B 52ms
51ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOYvk5LqA0ymilD3S61_fn4DMWy-KjzQzvIf5pzhghDQZDMXMgwRA1R425akq7N-yeOWe9dBGX4sKatFH2rNwdnEJf_eiTHRWSMoqSfoHsoTL0cJyO_SiIatwQUdSkYAFcKVULaTAyVVZtxiLXusy053k4WG5zwHmuzs6jbNc-5hgMLD5Saj8NKZEcukCC1_AGCfXh75DoaeU5dWaPpQ1miC4jecJbEtT3gmdbmU-f_j8R655Z61c50IX29deYE_CD6Y4uE1Q5Ero4XPhc5zzh3UMsHAqLk_lIstSDlRYuaXzmNT4BeN5cmvDZd56i6as45U6VXaKjy9WZOAWGqjPBGUyXu1NYL4dfshn8l5poTzvTdKw4-YCECxBW5gF8lCZmdRbHZ-xCgs2IWqI9bN1OIR-v_B0tPfPWMiVfE_VgLbpY5amEBauLEeXA5ecqzGHlvYGwrdghvKN9U4i_skKIzbTluIhQhDZRQhfBCTKV803kXJFKKQU1Tlu_2FerVmzI1ZwG3-xHgAkpESnqyJKlQSa-sXVLwMMIdumGNQ-ewmP_eIWScXt8nWV69aHjVAiIft_0qcqFiaEgZZ5NKU1fIBgeKGbf8dMMvE9GbW7w0MEVqFagY837m9tFK0DTEg-wrtlzrmtywtfnMaV_P6UVS-TbxHlXLnJiZKVH6IeA0v9MOwlKZv2aQOn0fBdBgeKRkaykyvBtHQM9FJqFoO4QBwmFDZtPE3MtSWBHdoCLJzB1BPRCprSh0-PkzzUImzDgW6JcRAz0JiI_2wyi47F-E8swVPQkZNwwghF5pgp7onnsrztcdmXRshU4gg9jWScYC12pFgDpNLYjyEVAORuUK1_3rDu6QS7PkcSJPb52IOhm6dXUMer88cPNadd4q0-7U3zyMRbz5VgjDfRg9zmYKVxhQWX07z6aRGR--Bunu0RUiGLAMYHfhT33Ww79qEaNOxJQzNfRhCJIsh71SDisNvathvYp0d-VDhqsAMDtgliVcLbJHqbS5JbdVabaBbjhxl_zslHHbBP0e14BBww0M6usdRM3j0r6pLKvyFP9g-60SAAvBMzYZ8JVN-0e_PsX8aooLUVQ9MK-s5B-UdKRLgn1cyB3oRDf-j5BLBWS-0j5bqcpp3P_9nvxM5AlviOtuRyRtshPPCTaLGairUZKQ-gyejV8BebqLDPRcDuCsXqtk0djKXu9Wl5azy271JjITwgsLBzCE0WLyZk&sai=AMfl-YSF02XTTuTgKA3XFpOtWb_cxPWEHId0wbLNpMPOjy2yC1eoGCr6B6N7K7ramQacd7pICtgdANDgnkpXxVGu2t1bI5pVjm080Ot__eT6zqXtUS-gvnInBjozizisD2ahwtVvKhijjhxKh34kzK3ayDn6XALLY51tnBu7U7zadOzRLm2VriAlucQQCPxWf5yDDSH-Av3QhjnM0rxBtUkNGw9lkvyBaRHphQ&sig=Cg0ArKJSzOapZbQWir-9EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=176&vt=11&dtpt=118&dett=3&cstd=56&cisv=r20220831.24713&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Sep 2022 13:56:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 txt1@2x.png
s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/img/ Frame 2737 2 KB
2 KB 23ms
22ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/img/txt1@2x.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

833137b7bc2667c2da3d59438941bcb2cc534df1fc7674e2220c7c2127ce05cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 07:20:40 GMT
x-content-type-options: nosniff
age: 110174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2453
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 14:41:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Sep 2023 07:20:40 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/img/ Frame 2737 2 KB
1 KB 21ms
21ms Image
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/img/logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 07:20:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 14:41:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Sep 2023 07:20:40 GMT

GET
H3 200 bg1@2x.jpg
s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/img/ Frame 2737 32 KB
32 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/img/bg1@2x.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782291da22d5d84245499d521f3cb690a096b55dea7be089c5b841bf1631cc9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 07:20:40 GMT
x-content-type-options: nosniff
age: 110174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32381
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 14:41:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Sep 2023 07:20:40 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6AAC 0
20 B 52ms
51ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0sY_pVEXY9jxLsi6x_APkvKR4AIAAAAAOAHgBAI&bg=!IiGlIWXNAAZTikH4c4o7ACkAdvg8Wr5J8eTlFTQYetLYnCXLOiLbiddgXnzGmEpWYGe-VoQ4yLp2lAIAAABmUgAAAAJoAQeZAucNz8B24oQAqg0MM5QegFoGkOVnoBDZydJ-fu60Q8Z2zXekiZstwDURyUbmtE1QYttF4vKberwiQrmxXiP_rFS4Wakn7ieoF-gmMH6-C1DlEkktSSDQjPvsRaykboGkgYA40FWKmzoaWbL16Vu74UfVXP7a4sfybXoZhsVVOTzwONPnwOI2lOgra2YJoG-f-opDNlxfOrox7J_aM_-VS5Xi9AF8A43FiTg0mzY5K50RVl0booL8jwGEeiQyge3YHZSl7ahjDumTkWmX_tGb6s_YqhaIvm38t_vzBH-hPUp3D5QBF7NN0UwlG29SDoyjlPWwKyFEzyEO9sieeNA8WlsviolWN8yxT4WpiibkHxXH3_ZKvqfSZx4ACOY_KauOdrVDkv5YeWgqP2CSC3yVO2Voi_pSIBpuA9tSMVXKgABCSbQLboYW0auXZvMyM_pNDeH-WunT6gfdC3PawVZrRCePll1Kdh0LlLNjiCBELKitPlSAhQAvZnmeuPvtLIiyUSDSBnChpJWQAyfG04Xek8r23IV5NF5Db1HPsv8o4Iba6-TBL4Qg2lVnFBgw3Kk1Be5IrPTrIeZvS1035aDBMUwL7ChS3_EX7in_xftjvYW3FTFljoUpyMg3ljloNhcCyhlfcz4veYCRw4fzT15898MubPYCGNvaFzdvZHMEgfyH-zKYzZxcLXPSKKvAUAjbOfhbFHG1iUej-FyMRM7CBGOJYjeppUwNTx2loR9iP3ElYXXxvsLSfFCRQf4VU06fJacisSdFl6yUv9dA77b3jnIK52_g-DyavpQxUmAmSM8NyPOj_uwTu8yGvimKdl683OPfxJN1NC1W4oBzsSRDGJlo_y_ufcSbhnkm5nqR_MeFVwca7_R3PY7iJxE6VBg8tLGjcYRX6Pe43mwB6pWEKBAMuVjL5gADdXACinOZsz3qCWYB8LDNOdwOTEQmjgHWXWgzi31rZoV_KACzG3bi8M8UkiX1ETVQJw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 13:56:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
49ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090101&jk=3737824374582174&bg=!srGlsfXNAAZTikH4c4o7ACkAdvg8WuI_6celQJBr1j1xAWI-Ik8_N_IMu6UpZ9l95FMlqXgOCMKlNQIAAABiUgAAAANoAQeZAqoNc3bg9B3IWjfIGXsuJWdsYL0r0b06mXvlZDzPpE_GYbfhz5W-KgHFraJQehZ5bv4wTLA0lyCnV4fA74iQ_rtuTtntBP0LHJgsJ2UNe83SDW1f5Xq8Lw6i57Gku1dZV-IRHaDuC-KRz2xAgx5kjWpxv2k6enccfIZdJQ0bDlY0q-tTlTdN5X9gtvSuulMDrEgj3s2ZzV6kdk30QEooAB6H-izj47rCiK6kLx4Hs5bar8B0VyuQAQTPZ9Kaz0Dh1qgwNSFfEzGOnOC1NgmqZrBqK-N-h--wrcsRSUB7qdnMuasO-wUjj0b0Dkd7WWjf9vrh1Y96_AQiYPC9W3TLxs--y2TtOhC1Wlo-Ovd9GOA2l84KATzfWYRrBjTaIL_47AYBGvdyD20S5WFuBXgpa1MdRy1n64Pc1u5P3e_r8l7c_0VVqV_Jhu-yndLnR-uiDkyXMLzOk1K3jKm5pPk09BLW2gvT1ope7QpwnEcgPRKMI1XI9PAmXYKtyzs7RDdltXnE6mt1V4Ulso2EJy0SwvuAnxmo73VVSU_M5Cjui3RDsYPu_Tpm9Om7nz25gDce8KCrMIDG1kd6FWjRUukALm4RR0LOPstqNScszgVT0oGZl3uPCai26YB8YdCcday0l1ZcbsR89M280IfWrwny7MGkKVPWk4rum3bVd64zfKzjGIv56UzjSg0O8w84EwJKunF4RYqpw80cGbUJ6FVhQdsBl_yOoXfCwLw88oXUgCP2iuYZVN59mLkW2VdGWrHWWoVFLlfOKktPaVgii38XolOnRQFQOZI93qVKy0KrQWB4bwD6yj6XzCy0W_LKXQnuAk1_kZEUfnCPFqkYOsq-55OiehMRqSRfXlUA33rFgLAYnIUhASGA3cjbRuN2Squ_2zIYoX4PdSk6yw5a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 749D 42 B
64 B 82ms
50ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxJpPWdZOqq1WVQh83n-aOw5k8IP5V-7zvSJWfN2sh8sLWqKLtV5dbNGDQUgP-FFZZG2_kWpvM2sGNTF80h_nKlHaTuNTBoSPgRrG4NLujeHuLofkB&sig=Cg0ArKJSzKawmreRtAV2EAE&id=lidar2&mcvt=1001&p=263,315,513,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220831&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1666007649&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662472613333&rpt=154&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 13:56:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C54D 42 B
64 B 52ms
52ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssDWNJSMgjzsF4CR9pXwb1hHRa8JnCuRmVI5qwvPHBl4_BiW6YyRt_1Qla0ELVVJdEWpzdEb1Noty3ZMP6Es1dQ9E6Bwk8_ObQixwJrgXSNr0YfIdNetqc0HFUJO8Z352NtSQPJRik&sai=AMfl-YSwyMCY-Z56Ko4h70En05XMNQxRFOAaoxqMU7w3xEiyyYHfunk6npzzm9cmJfmBqHBG9uJBJ3SIqWi7h8XFa11-mz4I-wwMZApyczpWtW6AQsPDSG0u9eY--XYIRgC1&sig=Cg0ArKJSzKH7MF70qs3zEAE&cid=CAASKORoIZ7TC6j6lf5f96Y-qSCS1NrfjwnMrm8xZZNI4UNLhD5c_hao0IY&id=lidar2&mcvt=1000&p=1106,436,1196,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=173361388&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662472613617&rpt=242&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 13:56:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/css/ Frame 2737 2 KB
496 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c980c12d2d739240b988a2be26ec7c5e686a3a44ec2031f56a2bd1a4a0e4ad76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 07:20:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 467
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 14:41:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Sep 2023 07:20:43 GMT

GET
H3 200 txt2@2x.png
s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/img/ Frame 2737 3 KB
3 KB 14ms
13ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/img/txt2@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

742dfc497faa6aa260528f4f74ca8ddefc6ba6b2934e7b80d85825f4f91124d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 07:20:41 GMT
x-content-type-options: nosniff
age: 110174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2564
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 14:41:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Sep 2023 07:20:41 GMT

GET
H3 200 txt3@2x.png
s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/img/ Frame 2737 2 KB
2 KB 18ms
16ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/img/txt3@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be0e87bfa7c189736cd77ae3fdcae0a3ab5f5811eeb105cfe358c0203f8d002e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 07:20:41 GMT
x-content-type-options: nosniff
age: 110174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2257
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 14:41:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Sep 2023 07:20:41 GMT

GET
H3 200 txt4@2x.png
s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/img/ Frame 2737 2 KB
2 KB 23ms
21ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/img/txt4@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a802261b904acce7351cda2483fe4f7abbf59102abce8b7020d33492c53258a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 07:20:41 GMT
x-content-type-options: nosniff
age: 110174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1799
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 14:41:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Sep 2023 07:20:41 GMT

GET
H3 200 txt5@2x.png
s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/img/ Frame 2737 2 KB
2 KB 22ms
20ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/img/txt5@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

627423dcac183448d03314057fec8692f22d57c9872bd89a966c84bf2111620e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 07:20:41 GMT
x-content-type-options: nosniff
age: 110174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2069
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 14:41:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Sep 2023 07:20:41 GMT

GET
H3 200 cta@2x.png
s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/img/ Frame 2737 706 B
733 B 21ms
19ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/img/cta@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7bafdef42657f4396a444095d1de9a159d964b4f0fc5d6593af3dcca5febf4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 07:20:41 GMT
x-content-type-options: nosniff
age: 110174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 706
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 14:41:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Sep 2023 07:20:41 GMT

GET
H3 200 cta2@2x.png
s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/img/ Frame 2737 705 B
732 B 22ms
20ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/img/cta2@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96601a23ced547dddfc5b0d1991c9109ced3b345fcc8aafd86fe23a07e70c19d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 07:20:41 GMT
x-content-type-options: nosniff
age: 110174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 705
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 14:41:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Sep 2023 07:20:41 GMT

GET
H3 200 disclaimer@2x.png
s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/img/ Frame 2737 571 B
598 B 19ms
18ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/img/disclaimer@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

905fe7d6c73796803b46ec33f1e840262361397a12c3924fc82b79f1149bdcec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 07:20:41 GMT
x-content-type-options: nosniff
age: 110174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 571
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 14:41:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Sep 2023 07:20:41 GMT

GET
H3 200 logo2.svg
s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/img/ Frame 2737 2 KB
1 KB 19ms
17ms Image
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/img/logo2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 07:20:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 14:41:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Sep 2023 07:20:41 GMT

GET
H3 200 bg2@2x.jpg
s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/img/ Frame 2737 21 KB
21 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/img/bg2@2x.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edbb929d5353b640b3efb430a7669c3e036080b015ccb06560bbe667367874c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 07:20:41 GMT
x-content-type-options: nosniff
age: 110174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21376
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 14:41:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Sep 2023 07:20:41 GMT

GET
H3 200 legals@2x.png
s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/img/ Frame 2737 12 KB
12 KB 23ms
21ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/img/legals@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66f3dc65f9aa7a72d3cf84f4aecea342a865bcdc7dc66ef3e8a54b77b584155c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3442095585081010891/47-IWE-Sondermodelle-Leaderboard-728x90-Range/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 07:20:41 GMT
x-content-type-options: nosniff
age: 110174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12394
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 14:41:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Sep 2023 07:20:41 GMT

POST
H/1.1 200
OK abt Show response
capi-tier-1-us-east-2.connatix.com/tr/ Frame 5B6A 0
317 B 107ms
106ms XHR
application/x-protobuf 18.219.108.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-1-us-east-2.connatix.com/tr/abt?v=180443
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.108.29 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-108-29.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 06 Sep 2022 13:56:56 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET /
ssc-cms.33across.com/ps/ Frame 6DD1 0
0

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame D1EA 0
0 233ms
43ms Document
text/html 23.54.109.149

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.109.149 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 06 Sep 2022 13:56:58 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 pd
u.openx.net/w/1.0/ Frame 04D2 0
80 B 84ms
20ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Tue, 06 Sep 2022 13:56:58 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 sync
eb2.3lift.com/ Frame 36DD 37 B
139 B 38ms
9ms Document
image/gif 76.223.111.18

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Tue, 06 Sep 2022 13:56:58 GMT

GET
H2 200 sync.html
public.servenobid.com/ Frame E36F 9 KB
4 KB 40ms
9ms Document
text/html 13.32.99.50

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.50 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32757
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Tue, 06 Sep 2022 04:51:02 GMT
etag: W/"3b058e9cd661ca6990301a82cf5d448f"
last-modified: Wed, 17 Aug 2022 23:23:08 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
x-amz-cf-id: qxcq7vdpnwujNw8BtxtWpzb1sMGCZcthcYF27rthNOi5ExlSjKwJgg==
x-amz-cf-pop: FRA60-P3
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:049b4e88-3480-44ce-bc71-9207efe847a1
x-amz-meta-codebuild-content-md5: 77e8f986028c7819a018b65a51e4d1c5
x-amz-meta-codebuild-content-sha256: 4cf0411e60b9185dacd3ae0196e3adabe45eed1b64ea27e89ed58c43c33d4297
x-cache: Hit from cloudfront

GET
H2 200 sync
eb2.3lift.com/ Frame 46F6 37 B
140 B 35ms
9ms Document
image/gif 76.223.111.18

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Tue, 06 Sep 2022 13:56:58 GMT

GET
H2 200 sync.html
public.servenobid.com/ Frame 9D95 9 KB
4 KB 38ms
10ms Document
text/html 13.32.99.50

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.50 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32757
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Tue, 06 Sep 2022 04:51:02 GMT
etag: W/"3b058e9cd661ca6990301a82cf5d448f"
last-modified: Wed, 17 Aug 2022 23:23:08 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
x-amz-cf-id: XVgKy-KMFXsExXV6J03QGIs1Lm5eZFm2gHYrfPHYXpIrujBVrU-4eQ==
x-amz-cf-pop: FRA60-P3
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:049b4e88-3480-44ce-bc71-9207efe847a1
x-amz-meta-codebuild-content-md5: 77e8f986028c7819a018b65a51e4d1c5
x-amz-meta-codebuild-content-sha256: 4cf0411e60b9185dacd3ae0196e3adabe45eed1b64ea27e89ed58c43c33d4297
x-cache: Hit from cloudfront

GET
H2 200 2000248.html
sync.serverbid.com/ss/ Frame 7C46 3 KB
1 KB 39ms
8ms Document
text/html 18.66.97.79

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.serverbid.com/ss/2000248.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.79 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 46806
content-encoding: gzip
content-type: text/html
date: Tue, 06 Sep 2022 02:17:57 GMT
etag: W/"96a26d48279439dfc8bddf89897d3b51"
last-modified: Sun, 04 Sep 2022 19:49:27 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-id: xikojSVKYndEDUQ2UrZ3qHAYW5QZlph4vnpB2lnobAp-3J_ebpzztQ==
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame 91A1 9 KB
0 207ms
10ms Document
text/html 23.35.236.188

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 06 Sep 2022 13:56:58 GMT
ETag: "623de86a-cf34"
Expires: Wed, 07 Sep 2022 13:57:00 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 2000248.html
sync.serverbid.com/ss/ Frame 7503 3 KB
1 KB 39ms
9ms Document
text/html 18.66.97.79

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.serverbid.com/ss/2000248.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.79 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 46806
content-encoding: gzip
content-type: text/html
date: Tue, 06 Sep 2022 02:17:57 GMT
etag: W/"96a26d48279439dfc8bddf89897d3b51"
last-modified: Sun, 04 Sep 2022 19:49:27 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-id: IiR3Ex7tvveYsc8ge7RIavRKdq2a3K5_0UdKMOaVflrFs7t9IO6epQ==
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame E593 9 KB
0 208ms
12ms Document
text/html 23.35.236.188

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 06 Sep 2022 13:56:58 GMT
ETag: "623de86a-cf34"
Expires: Wed, 07 Sep 2022 13:57:00 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 pd
u.openx.net/w/1.0/ Frame A5FB 0
91 B 74ms
18ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Tue, 06 Sep 2022 13:56:58 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200 9.gif
id5-sync.com/s/441/ 43 B
1 KB 66ms
15ms Image
image/gif 141.95.98.71

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.71 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:58 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0368 0
0 41ms
11ms Document
text/html 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=172242
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Tue, 06 Sep 2022 13:56:58 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 08 Sep 2022 13:47:40 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 13926
g2.gumgum.com/usync/ Frame 4958 0
0 39ms
33ms Document
text/html 63.35.80.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.80.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-80-4.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 06 Sep 2022 13:56:58 GMT
etag: W/"084513834c796e5f066e36d3e789be509"
server: nginx
timing-allow-origin: *

GET /
onetag-sys.com/usync/ Frame 3926 0
0

GET sync
ssbsync.smartadserver.com/api/ Frame 7B09 0
0

GET usermatch
ssum-sec.casalemedia.com/ Frame 705A 0
0

GET

usync.html
eus.rubiconproject.com/ Frame 8143
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

0
0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame E36F 0
239 B 147ms
24ms Image
image/gif 69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

GET
H2

200

sync
ads.servenobid.com/ Frame E36F
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=9217520083531964988

0
344 B

29ms
29ms

Image
image/avif

3.248.153.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=9217520083531964988
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 3.248.153.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-153-68.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 13:56:58 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Tue, 06 Sep 2022 13:56:58 GMT
X-Proxy-Origin: 178.162.209.141; 178.162.209.141; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5a6ed765-fa9a-4a11-bd69-159e8ace3ade
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ads.servenobid.com/sync?pid=312&uid=9217520083531964988
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

merge
ce.lijit.com/ Frame E36F
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1

0
0

GET pixel
ap.lijit.com/ Frame E36F 0
0

GET getuid
x.yieldlift.com/ Frame E36F 0
0

GET

rmpssp
sync.1rx.io/usersync2/ Frame E36F
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1662472618900

0
0

GET cm
p.rfihub.com/ Frame E36F 0
0

GET usa
sync.go.sonobi.com/ Frame E36F 0
0

GET

sync
ads.servenobid.com/ Frame E36F
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=8de0f55f-4231-4ca8-a2c0-93cc6e31cd8f&gdpr=0&gdpr_consent=&us_privacy=1YN-

0
0

GET

occ
ups.analytics.yahoo.com/ups/58559/ Frame E36F
Redirect Chain

https://ups.analytics.yahoo.com/ups/58559/occ
https://ups.analytics.yahoo.com/ups/58559/occ?verify=true

0
0

GET redirectuser
ssp.disqus.com/ Frame E36F 0
0

GET occ
ups.analytics.yahoo.com/ups/58632/ Frame E36F 0
0

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 84F0 0
0 33ms
12ms Document
text/html 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=172242
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Tue, 06 Sep 2022 13:56:58 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 08 Sep 2022 13:47:40 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 9D95 0
239 B 54ms
24ms Image
image/gif 69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

GET
H2 200 13926
g2.gumgum.com/usync/ Frame B228 0
0 44ms
42ms Document
text/html 63.35.80.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.80.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-80-4.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 06 Sep 2022 13:56:58 GMT
etag: W/"07368b54d6293607d6324a2775cfe875b"
server: nginx
timing-allow-origin: *

GET merge
ce.lijit.com/ Frame 9D95 0
0

GET pixel
ap.lijit.com/ Frame 9D95 0
0

GET getuid
x.yieldlift.com/ Frame 9D95 0
0

GET /
onetag-sys.com/usync/ Frame CC9E 0
0

GET sync
ssbsync.smartadserver.com/api/ Frame 3511 0
0

GET

rmpssp
sync.1rx.io/usersync2/ Frame 9D95
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1662472618900

0
0

GET cm
p.rfihub.com/ Frame 9D95 0
0

GET usa
sync.go.sonobi.com/ Frame 9D95 0
0

GET

sync
ads.servenobid.com/ Frame 9D95
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=c89ba42b-219c-45e8-9df2-ea664f3fefea&gdpr=0&gdpr_consent=&us_privacy=1YN-

0
0

GET usermatch
ssum-sec.casalemedia.com/ Frame F3CB 0
0

GET

occ
ups.analytics.yahoo.com/ups/58559/ Frame 9D95
Redirect Chain

https://ups.analytics.yahoo.com/ups/58559/occ
https://ups.analytics.yahoo.com/ups/58559/occ?verify=true

0
0

GET redirectuser
ssp.disqus.com/ Frame 9D95 0
0

GET occ
ups.analytics.yahoo.com/ups/58632/ Frame 9D95 0
0

GET

usync.html
eus.rubiconproject.com/ Frame 862D
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

0
0

GET getuid
ib.adnxs.com/ Frame 9D95 0
0

GET /
onetag-sys.com/usync/ Frame BDC9 0
0

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DD78 0
0 27ms
21ms Document
text/html 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://sync.serverbid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=172242
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Tue, 06 Sep 2022 13:56:58 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 08 Sep 2022 13:47:40 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET rid
match.adsrvr.org/track/ Frame 7C46 0
0

GET pixel
ap.lijit.com/ Frame 7C46 0
0

GET um
cs.emxdgt.com/ Frame 7C46 0
0

GET cm
p.rfihub.com/ Frame 7C46 0
0

GET usermatchredir
ssum-sec.casalemedia.com/ Frame 7C46 0
0

GET prebid
rtb.openx.net/sync/ Frame 7C46 0
0

GET

usersync
x.serverbid.com/ Frame 7C46
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=9217520083531964988

0
0

GET usa
sync.go.sonobi.com/ Frame 7C46 0
0

GET occ
pixel.advertising.com/ups/56621/ Frame 7C46 0
0

GET pixel
ap.lijit.com/ Frame 7503 0
0

GET um
cs.emxdgt.com/ Frame 7503 0
0

GET cm
p.rfihub.com/ Frame 7503 0
0

GET usermatchredir
ssum-sec.casalemedia.com/ Frame 7503 0
0

GET prebid
rtb.openx.net/sync/ Frame 7503 0
0

GET

usersync
x.serverbid.com/ Frame 7503
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=9217520083531964988

0
0

GET usa
sync.go.sonobi.com/ Frame 7503 0
0

GET occ
pixel.advertising.com/ups/56621/ Frame 7503 0
0

GET /
onetag-sys.com/usync/ Frame 5186 0
0

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1B20 0
0 21ms
20ms Document
text/html 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://sync.serverbid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=172242
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Tue, 06 Sep 2022 13:56:58 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 08 Sep 2022 13:47:40 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET rid
match.adsrvr.org/track/ Frame 7503 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=bpL-ZIByur67OuaKj0P0Le

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=bmBWNoByur67OuaKj0P0Le

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=bgZdFqByur67OuaKj0P0Le

Domain: ssc-cms.33across.com
URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bgZdFqByur67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined

Domain: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Domain: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID

Domain: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Domain: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Domain: ce.lijit.com
URL: https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1

Domain: ap.lijit.com
URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID

Domain: x.yieldlift.com
URL: https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID

Domain: sync.1rx.io
URL: https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1662472618900

Domain: p.rfihub.com
URL: https://p.rfihub.com/cm?pub=44007&in=1

Domain: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Domain: ads.servenobid.com
URL: https://ads.servenobid.com/sync?pid=327&uid=8de0f55f-4231-4ca8-a2c0-93cc6e31cd8f&gdpr=0&gdpr_consent=&us_privacy=1YN-

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58559/occ?verify=true

Domain: ssp.disqus.com
URL: https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58632/occ

Domain: ce.lijit.com
URL: https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D

Domain: ap.lijit.com
URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID

Domain: x.yieldlift.com
URL: https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID

Domain: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Domain: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID

Domain: sync.1rx.io
URL: https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1662472618900

Domain: p.rfihub.com
URL: https://p.rfihub.com/cm?pub=44007&in=1

Domain: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Domain: ads.servenobid.com
URL: https://ads.servenobid.com/sync?pid=327&uid=c89ba42b-219c-45e8-9df2-ea664f3fefea&gdpr=0&gdpr_consent=&us_privacy=1YN-

Domain: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58559/occ?verify=true

Domain: ssp.disqus.com
URL: https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58632/occ

Domain: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID

Domain: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6c68086c0c61793

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json

Domain: ap.lijit.com
URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID

Domain: cs.emxdgt.com
URL: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID

Domain: p.rfihub.com
URL: https://p.rfihub.com/cm?pub=42786&in=1

Domain: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D

Domain: rtb.openx.net
URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D

Domain: x.serverbid.com
URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=9217520083531964988

Domain: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D

Domain: pixel.advertising.com
URL: https://pixel.advertising.com/ups/56621/occ

Domain: ap.lijit.com
URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID

Domain: cs.emxdgt.com
URL: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID

Domain: p.rfihub.com
URL: https://p.rfihub.com/cm?pub=42786&in=1

Domain: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D

Domain: rtb.openx.net
URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D

Domain: x.serverbid.com
URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=9217520083531964988

Domain: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D

Domain: pixel.advertising.com
URL: https://pixel.advertising.com/ups/56621/occ

Domain: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6c68086c0c61793

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json

Verdicts & Comments Add Verdict or Comment

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.fox13now.com/	1970-01-20 06:31:04	Name: _pbjs_userid_consent_data Value: 3524755945110770
.fox13now.com/	1970-01-20 05:47:54	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth%22%2C%22sref%22:%22%22%2C%22sts%22:1662472611351%2C%22slts%22:0}
.fox13now.com/	1970-01-20 15:17:16	Name: _parsely_visitor Value: {%22id%22:%22pid=7132bbe0a43d938f71e2e6addc054361%22%2C%22session_count%22:1%2C%22last_session_ts%22:1662472611351}
www.fox13now.com/	1969-12-31 23:59:59	Name: mnet_session_depth Value: 1%7C1662472611382
.fox13now.com/	1970-01-20 15:23:52	Name: _ga Value: GA1.2.809085808.1662472611
.fox13now.com/	1970-01-20 05:49:19	Name: _gid Value: GA1.2.1650447423.1662472611
.fox13now.com/	1970-01-20 05:47:52	Name: _dc_gtm_UA-27022641-1 Value: 1
.fox13now.com/	1970-01-20 05:47:52	Name: _dc_gtm_UA-29479748-9 Value: 1
.fox13now.com/	1970-01-20 05:47:52	Name: _dc_gtm_UA-40066851-1 Value: 1
.rubiconproject.com/	1970-01-20 14:33:28	Name: khaos Value: L7Q99OZI-1V-C2P4
.rubiconproject.com/	1970-01-20 14:33:28	Name: audit Value: 1\|naVuGyos1qpPTomfigYp0S+IXqvPVzt4X6LBWwGzep0JDp7MRhFcacQ84jp8tew8v3x9nf74OVJjzOjwT/dn4eBxGCOXoSK1La0KTFi9hDCma+WVcS1g3g==
.adnxs.com/	1970-01-20 07:57:28	Name: icu Value: ChgIxIZ3EAoYASABKAEwo6PdmAY4AUABSAEQo6PdmAYYAA..
.gumgum.com/	1970-01-20 14:33:28	Name: cs Value: true
.gumgum.com/	1970-01-20 06:31:04	Name: loc Value: SfolTs1ZIlMP1YqU13Q1mr6RHVDCFUQcQ6uWw-wO91mMrM_tcWfg5vtXVpEL2zdeD75ohQ4QwHwukLfQGe5DRCFgeL3T5WVmseR9QdHaP9w
.adnxs.com/	1970-01-20 07:57:28	Name: uuid2 Value: 9217520083531964988
.serverbid.com/	1970-01-20 06:09:28	Name: CONSUMABLEID Value: 70a27bf08f934da1a27bf08f93fda1f1
.media.net/	1970-01-20 14:33:28	Name: visitor-id Value: 3054742121492549000V10
.doubleclick.net/	1970-01-20 15:09:28	Name: IDE Value: AHWqTUnEVGQ0CAnrgxe2PJTnu4LwhX9Oo3CFlOUUuRlYBlNH1ECHCZzLRxqpXPf4Wrk
.fox13now.com/	1970-01-20 15:09:28	Name: __gads Value: ID=9fcf205bb762957a-2200453715ce00ad:T=1662472613:S=ALNI_MZ3J7MoGDbi0Tq3YMKH-Kbcnf6Hug
.casalemedia.com/	1970-01-20 14:33:28	Name: CMID Value: YxdRpeBRLNHHlArp8vA1-AAA
.casalemedia.com/	1970-01-20 07:57:28	Name: CMPS Value: 1211
.casalemedia.com/	1970-01-20 07:57:28	Name: CMPRO Value: 1211
.adnxs.com/	1970-01-20 07:57:28	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?gk[P5w!]tbPl1M>e)ZlrFUfJ+tGXxoy=:ej68yM__Af]SLQPnRH<??a_YZT@xKE#0S3If)y3KL9D3I?+$_TBQ%
.casalemedia.com/	1970-01-20 07:57:28	Name: CMTS Value: 1172

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.cookielaw.org/consent/000000/000000.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.fox13now.com/weather/school-closings-delays?_renderer=json Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://cms.scrippsdigital.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2c71a8f5b4e9f57f6efaf633e6a76088.safeframe.googlesyndication.com
acdn.adnxs.com
ads.pubmatic.com
ads.rubiconproject.com
ads.servenobid.com
adservice.google.com
adservice.google.de
analyticssystems.net
ap.lijit.com
api.ewscloud.com
assets.scrippsdigital.com
aswpsdkus.com
c.amazon-adsystem.com
c21lg-d.media.net
c2shb.ssp.yahoo.com
capi-tier-1-us-east-2.connatix.com
capi.connatix.com
cd.connatix.com
cdn.cookielaw.org
cdn.parsely.com
cds.connatix.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
cs.emxdgt.com
d3plfjw9uod7ab.cloudfront.net
dsum-sec.casalemedia.com
e.serverbid.com
eb2.3lift.com
eus.rubiconproject.com
ewscripps-d.openx.net
ewscripps.brightspotcdn.com
fastlane.rubiconproject.com
flint.defybrick.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hblg.media.net
hbx.media.net
ib.adnxs.com
id5-sync.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
link.3blmedia.com
lit.connatix.com
log.outbrainimg.com
match.adsrvr.org
mv.outbrain.com
odb.outbrain.com
onetag-sys.com
p.rfihub.com
p.typekit.net
p1.parsely.com
pagead2.googlesyndication.com
pixel.advertising.com
pixel.rubiconproject.com
prebid-a.rubiconproject.com
public.servenobid.com
rock.defybrick.com
rtb.openx.net
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.ewscloud.com
stats.g.doubleclick.net
sync.1rx.io
sync.go.sonobi.com
sync.serverbid.com
tcheck.outbrainimg.com
tlx.3lift.com
tpc.googlesyndication.com
tru.am
u.openx.net
ups.analytics.yahoo.com
use.fontawesome.com
use.typekit.net
vid.connatix.com
web.hb.ad.cpe.dotomi.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.fox13now.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.serverbid.com
x.yieldlift.com
ads.servenobid.com
ap.lijit.com
ce.lijit.com
cs.emxdgt.com
eus.rubiconproject.com
ib.adnxs.com
match.adsrvr.org
onetag-sys.com
p.rfihub.com
pixel.advertising.com
rtb.openx.net
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
sync.1rx.io
sync.go.sonobi.com
ups.analytics.yahoo.com
x.serverbid.com
x.yieldlift.com
104.18.19.126
108.138.17.13
13.32.121.46
13.32.2.61
13.32.99.50
141.95.98.71
142.250.184.226
142.250.185.66
151.101.14.132
151.101.2.137
151.101.66.137
159.89.246.130
167.89.115.56
18.158.192.160
18.195.227.5
18.219.108.29
18.66.122.58
18.66.23.213
18.66.97.79
184.51.9.223
2.21.184.22
23.35.228.23
23.35.229.181
23.35.236.188
23.35.236.201
23.54.109.149
23.75.240.210
2600:1f18:e8a:cd08:3437:aff5:50c:d298
2600:9000:206e:4e00:10:618e:d880:93a1
2600:9000:218e:2200:13:a391:88c0:21
2600:9000:223e:7600:1a:ba5c:3900:93a1
2602:803:c003:200::51
2606:4700:20::681a:374
2606:4700:3030::6815:251b
2606:4700:3032::ac43:a9f7
2606:4700::6810:9440
2a00:1450:4001:800::2006
2a00:1450:4001:803::2002
2a00:1450:4001:803::2008
2a00:1450:4001:806::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2001
2a00:1450:4001:831::2001
2a00:1450:400c:c0c::9c
2a02:26f0:10e::6860:5bb2
2a02:26f0:10e::6860:5bb9
2a02:fa8:8806:20::2100
2a03:2880:f01c:8012:face:b00c:0:3
3.248.153.68
34.160.158.95
34.98.64.218
35.157.246.167
37.252.173.215
52.17.99.225
52.85.96.112
63.35.80.4
69.173.144.138
70.42.32.31
76.223.111.18
99.86.240.98
03c3c575244d626f8f7c1ef87d40b40fdef2c9a5231117e098de1ad7078263f2
047112d270d9aeb32c71f83d6ef8649b95821a28484eb7b0b3bdb78b69060df0
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05b8152ee2105e6c599c4b2e8d8e48bc7aead8d1f5a6cb92c70acbf811118d86
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08de8ea6e0f9152d5d29a0b6d575137784a6c9e8a9771198b37880859a83a7e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f1928c0a2274141ca7ba973c6098bb259a335c6ecc1969fed7ce92fea6a744d
101747c1a69596c1600529606c5ff1e36eebc0806696a5af75a77f83bb9c21f5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
136da57ff927092cc8dd8aa976c27fb4ccb7336781a8d1335e6ed91bd61e50e5
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d0e8483bf5f4894781be1119152bee656a83feb2cb87837d76cd4261016fe4b
1e07e272734d4232d604835b00dfb9847c36a95e2fb6a01458590618e2bbcc77
1fc5bf7b4fc55ae6ae3af77867e32aa18d1a6c134289ed0b775cecd21624353b
254ad0a2f10a103ea9d7a144a2c69ab341811605ea30814c33f69bd2e75912c6
2814434f2d8063f98b92a9c0c25629d00b5c11edee3c6fd97025377b2636d301
282dd56d934fcb6d681b35999f91b112b166fde9330e400ea349a0d6cc27173e
28342c538861f824c13b221abba967c6b32b77d8cf04801b37d0a6c52229c3a2
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2fc67e51612a060864bf2a051671e69044ca49d27660a5e4d5e0ad88d50f38d0
318105032b521ca177fd1918c5f40e00315f3b6498bd320c3c62021aaa368c51
32e1329797d326d745531601e74965eceda43ea66defc3ddee4fbbddf8df2913
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
349a542f6391d7f28541a00c46cc0f00dbd0b4923bc06b058168e5b95c0066ec
35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8
36404e38218b616b01d536bf0a7ef92668438a5b1cc7c60dc633f6d4ed814b5c
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3ad36bb49239b3d32df10dc97841cb24dd28a8bca96ee95a57f4972d9b607976
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
412f0f1bf6963baa7ab3cb815bb089c0bde661d3f26bce235d290379ecc54ba8
44184c16fd72e51859e402906cfc8eb5cc13161916b42cf46e416bc9e3fe9850
447ac9d5774713719cfedb0bbfff12822e14c9514c6fef11d833e5c75f34649f
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
487dac5479175152da0746d331187b75f919b2b797b206ea5f44877b37fa6f2a
4a9c07eaf719ee406923a564299399e29b431b0d2facc698f3ffb8c24afb7e62
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4beaae7eb84362e284414e3c2289ecf87dffdf06cb218c959eacc056a784d6b0
5006c8a4c4b48e75bbc4b9df61751929db4dbfbb8dc880b88982013d74766c3f
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
59d66877dcf8e02aeb4c1f780b7b60d3a407ab9f499c88a678f37db008f4111a
5c03f45c8f7db59ce010818141dbc2bc62e6ff926c56cfb00922cab29582550c
5c65a55f7e434cca13508c8c61f35e1512443e0d220547a8dc61870fcddf4a6b
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5d8f24de649d274c051960845b51a0407362d6b4c80de23985e648d3378708f5
602498373dd83e289bd8450e4166abb1c9cb7088465d47d33ba2018fb2a36ca1
60d86669bd9ed9711c63f3ae3da3922facc9e47fb76416895727cad3d879f71c
60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13
617912f14527ee7d9bbbb6340eb9a5214dba3082883643f43621cd816449159b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
627423dcac183448d03314057fec8692f22d57c9872bd89a966c84bf2111620e
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1
66f3dc65f9aa7a72d3cf84f4aecea342a865bcdc7dc66ef3e8a54b77b584155c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee
6e220784889e0e6653b205efc1e0632490da633cdb62c4d498b40b3e0f3f79b9
6edce11425570893d77bc7008d54ccf8af6f89e823ed40ecbd29736b7dd3c495
6f52cc085c2881067e796c67da49dbde256a8ff8aee64cbb6513c68648c7bdeb
742dfc497faa6aa260528f4f74ca8ddefc6ba6b2934e7b80d85825f4f91124d3
757c81ac1fd77c27e6384764d8e87f1eb91d72e5eb59843cf7bccc3bb34b2174
782291da22d5d84245499d521f3cb690a096b55dea7be089c5b841bf1631cc9f
795404e4d9bc0212aa149497c281462504554b632a5112c9f0d42a12c4867ba8
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a20b371f96093be0c049b07134deb9bec533817ce791e865aaab7b60dfe4beb
7b491b7e75f58ce5c0d60bcdf9f0da01d082df493a739458ca0d733795877ebb
7c2a614b13e950e8f42edf58e5739da4084ac9bd97601a2731f7b7f8bae97889
7e03ea05c599640f6d1a683302bec77bcd06d63d0a41c3df4867637835876dd9
7f8c6a794c3e78fdf5a92ff96d59cb8774cbd648bcc486d92eb31320c3551f16
81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e
833137b7bc2667c2da3d59438941bcb2cc534df1fc7674e2220c7c2127ce05cc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
889b1272b88b89ba7f66018a66ff83775f50ef9427c78e8f5b032eeb5a3de6d1
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bb64e30017933b8a694b456a9f303627e643c5c2e75500da72cb2f07d131562
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
8f727e82890c7c9073d2d2e997e10c0d69a4bb7dfc92586368157a35f22f79b4
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
905fe7d6c73796803b46ec33f1e840262361397a12c3924fc82b79f1149bdcec
90945c85490a12e74c00424f08a64f9977401d51e443cf45e7f646e4e4079f91
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
96601a23ced547dddfc5b0d1991c9109ced3b345fcc8aafd86fe23a07e70c19d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0fb3bdbceebd52c9a19da7234cb3f3636107561e06d005fcd442bd0fac0a38a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a46df7d02b1430726c98999320109ce05ca8f78c3387250776cd9f60eb96281c
a49cde5a2c26fabfce1fb651684014115916038bb5dc779c63fd96afa8df8368
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a78eee44a33280cae70b7fade38a0ea36d2d3c34252c8fffe9e5d91aaf463a0c
a7bafdef42657f4396a444095d1de9a159d964b4f0fc5d6593af3dcca5febf4a
a802261b904acce7351cda2483fe4f7abbf59102abce8b7020d33492c53258a8
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
ac42b3ddcac7d94dacf878ae6de4874edf87e036eb94f818f7f75f4de001d2f1
af9ffcd63086c4bb32a86781eb1fe125ea3b5b0a6c4355988fb04ac21cf5bf7d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4096925f34c85d0c0e934ad77c44165dcd66fecc354c153784d246f00911da5
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b96e6beab93cd979f18edcb11b5b9c620f4cf74e43aa3a2b0406cdbb4739c676
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bbe6892adb45348a26af61da63e329a2388e1e33262635537524d4a39222da19
bcb223ca5c745dfff14eea9c81961acf3cd89b4c7c0175463987d55dbad89734
bd6cafb0d9f0509d461f9b8845027ecb7f5385ee273346f5f44efd2b328afdb3
be0e87bfa7c189736cd77ae3fdcae0a3ab5f5811eeb105cfe358c0203f8d002e
be627c74f95035a3c0d32be88fc6f6d97be8cdd21ea91cf59c2085dbc6156fbd
c118d25025641cb49e963095aad1a75e9d0662d56132c07bc13018eb734c4c8f
c53fd1125a3c7cdb0f4b956049f8163f81701a7a52ac480bfae4007a6cd6498a
c5c3eaa0e236da596b6942aafc79ac79850bed858e1ceb9acf17421339f9551d
c980c12d2d739240b988a2be26ec7c5e686a3a44ec2031f56a2bd1a4a0e4ad76
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf56f693d4eed1cdbd961d8575c92c9b5c5b63f0c249dc843b7134d2f3607542
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1f9c5c64d175a8bc389afa09401c72262f33961d56241d00902c2a397eac4e7
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d46651a0642c39afc570af89ad0b4373250d4002c05e92282aab4b289c4771d8
d4eb51c6a13c68901deb32265b76816b0a865d625a8ce4f3917012bda3bc09db
d542f80e9048b08b7ef8009c5f888ed2365f42b20543a15b4457d067e2ae4a8a
d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42
db8eb42c61b6eeb13d22b9a9399e168db136b4ead273f374eb34e4d0df0f87f0
e0f4d612cc37f2d36ab742573f2a862bae5682ce502d57194da852cc511b656e
e14412d15881b4b0edfd0ceb9910b602b20100c5e2dd48e26203ced5704efd8b
e332958dca60b2a19fd275a0f09197eb58c4a6ee296171df4eb067942485f692
e39460032fd973666abe629c364ac95af959611328e5a0f97b9219d4ed80c025
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
e8ca23a252b58a07eb67e2c94362cb39a129547558996ec167bebd8c35cef945
e91f910eed851de0ff9ddfe94eb4e2990db0a03d74fb8671679a29527a219e85
e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
edbb929d5353b640b3efb430a7669c3e036080b015ccb06560bbe667367874c8
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f027d6553533e963630b1d0992d5ca83562645cbb955de496b40c41eddd1978e
f0bb1cf1744be64c3bfe31ee3a4ab897dfce69f149b47d1b77e65ce71567a61f
f1797c657800e45304a067a5277d2ee67f657eec99e38d291a3b9b34490b10f9
f17a61f868ba322b5ef1bbf48692bb744a3cf8b93bd8477a73cf38b223e6cb6e
f22eb36f531f8a86b9bfdb5835b700626883ca9ab9b84a4b3cbef9314e021c95
f3e7903c0222590b5a8af20c021e3dc1a589cd485a0840d1589fe960b6b60fa3
f76eb4002f16fb7e104973e52bc778f324ff7c75c8ebbcdc1d37a0b1e0872ac9
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
fdcb74f626ef8f1059c0e3bd503017b8fdda4a54afcc26a4da734f5fd5c7a87a

www.fox13now.com Open in urlscan Pro 52.85.96.112 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

295 Requests

79 %HTTPS

41 %IPv6

54 Domains

94 Subdomains

66 IPs

8 Countries

3930 kBTransfer

13232 kBSize

24 Cookies

20 Outgoing links

Page URL History

Redirected requests

295 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.fox13now.com Open in urlscan Pro
52.85.96.112 Public Scan

Screenshot
Live screenshot

Full Image

295
Requests

79 %
HTTPS

41 %
IPv6

54
Domains

94
Subdomains

66
IPs

8
Countries

3930 kB
Transfer

13232 kB
Size

24
Cookies

295 HTTP transactions
4 data transactions