hromok-ca.shop Open in urlscan Pro
2a01:4f8:140:8224::1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hromok-ca.shop/
Submission: On July 13 via api (July 13th 2023, 9:02:52 am UTC) from US — Scanned from CA

Summary HTTP 175 Redirects Behaviour Indicators

Summary

This website contacted 49 IPs in 4 countries across 64 domains to perform 175 HTTP transactions. The main IP is 2a01:4f8:140:8224::1, located in Germany and belongs to HETZNER-AS, DE. The main domain is hromok-ca.shop.
TLS certificate: Issued by R3 on July 11th 2023. Valid for: 3 months.

This is the only time hromok-ca.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a01:4f8:140:... 2a01:4f8:140:8224::1	24940 (HETZNER-AS) (HETZNER-AS)
12	2606:4700::68... 2606:4700::6812:1053	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2600:141b:13:... 2600:141b:13::17d7:8252	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	52.85.61.21 52.85.61.21	16509 (AMAZON-02) (AMAZON-02)
2	13.33.60.51 13.33.60.51	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
6	54.230.163.106 54.230.163.106	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:1971	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
6	96.16.196.219 96.16.196.219	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
3	143.204.151.99 143.204.151.99	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:820::2008	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f00... 2a03:2880:f00e:13:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2600:1901:0:7... 2600:1901:0:7a38::1	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1c26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.244.156.29 35.244.156.29	15169 (GOOGLE) (GOOGLE)
1	23.52.152.237 23.52.152.237	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:21d... 2600:9000:21dd:6c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	146.75.34.132 146.75.34.132	54113 (FASTLY) (FASTLY)
1 4	2620:116:800b... 2620:116:800b:21:c1e8:5385:5098:6bf0	14618 (AMAZON-AES) (AMAZON-AES)
1 2	108.139.47.50 108.139.47.50	16509 (AMAZON-02) (AMAZON-02)
18	38.133.127.127 38.133.127.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	3.5.9.201 3.5.9.201	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:21d... 2600:9000:21dd:3a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:817::2001	15169 (GOOGLE) (GOOGLE)
1	192.132.33.41 192.132.33.41	18568 (BIDTELLECT) (BIDTELLECT)
2 3	68.67.160.186 68.67.160.186	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	108.138.126.121 108.138.126.121	16509 (AMAZON-02) (AMAZON-02)
1	34.98.72.95 34.98.72.95	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	64.202.112.159 64.202.112.159	23352 (SERVERCEN...) (SERVERCENTRAL)
1 2	54.161.2.222 54.161.2.222	14618 (AMAZON-AES) (AMAZON-AES)
1	23.47.145.225 23.47.145.225	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	23.20.128.203 23.20.128.203	14618 (AMAZON-AES) (AMAZON-AES)
1	13.225.214.117 13.225.214.117	16509 (AMAZON-02) (AMAZON-02)
2 2	35.207.24.140 35.207.24.140	15169 (GOOGLE) (GOOGLE)
3 3	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
2 2	54.161.170.61 54.161.170.61	() ()
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 2	3.230.62.22 3.230.62.22	14618 (AMAZON-AES) (AMAZON-AES)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.44.20.252 52.44.20.252	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.229.3.43 34.229.3.43	() ()
2 3	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
4 5	35.244.159.8 35.244.159.8	() ()
2 2	192.40.39.223 192.40.39.223	() ()
2 2	3.225.218.10 3.225.218.10	() ()
2 2	44.208.197.254 44.208.197.254	() ()
1 1	2600:9000:220... 2600:9000:2209:9800:1b:5138:8a40:93a1	() ()
1 1	23.105.12.142 23.105.12.142	() ()
1	2620:1ec:c11:... 2620:1ec:c11::200	() ()
2 2	207.198.113.204 207.198.113.204	() ()
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f10... 2a03:2880:f10e:83:face:b00c:0:25de	() ()
2	2607:f8b0:400... 2607:f8b0:4006:81c::2004	() ()
1	34.120.253.250 34.120.253.250	() ()
1 1	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
1	162.19.138.116 162.19.138.116	() ()
175	49

2 2a01:4f8:140:8224::1 (Germany)

ASN24940 (HETZNER-AS, DE)

hromok-ca.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6812:1053 (United States)

ASN13335 (CLOUDFLARENET, US)

cookie-cdn.cookiepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:141b:13::17d7:8252 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.85.61.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-21.ewr53.r.cloudfront.net

deseret.brightspotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.60.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-51.ewr52.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.230.163.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-106.ewr53.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1971 (United States)

ASN13335 (CLOUDFLARENET, US)

uploads.deseret.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::200e (Flushing, United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 96.16.196.219 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-196-219.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:824::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.151.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-151-99.ewr52.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2008 (Flushing, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f00e:13:face:b00c:0:3 (Toronto, Canada)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:7a38::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

restrainstorm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1c26 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.156.29 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 29.156.244.35.bc.googleusercontent.com

deseretnews.coral.coralproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.152.237 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-152-237.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21dd:6c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.34.132 (Ashburn, United States)

ASN54113 (FASTLY, US)

mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800b:21:c1e8:5385:5098:6bf0 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.139.47.50 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-50.jfk50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 38.133.127.127 (United States)

ASN22075 (AS-OUTBRAIN, US)

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-sadc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.9.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:3a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:817::2001 (Flushing, United States)

ASN15169 (GOOGLE, US)

aed277b1e66a59d4f11f8a33e7f06e64.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.41 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 41.bidtellect.com

api.bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.160.186 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.126.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-126-121.jfk50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.159 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.161.2.222 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-2-222.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.47.145.225 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-47-145-225.deploy.static.akamaitechnologies.com

sync-jp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.20.128.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-128-203.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.214.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-117.ewr50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.207.24.140 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.161.170.61 (None, ) 2 redirects

ASN- ()

t.pswec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.230.62.22 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-62-22.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.20.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-20-252.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.229.3.43 (None, ) 2 redirects

ASN- ()

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.159.8 (None, ) 4 redirects

ASN- ()

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hashtaglabs-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.40.39.223 (None, ) 2 redirects

ASN- ()

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.218.10 (None, ) 2 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.208.197.254 (None, ) 2 redirects

ASN- ()

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2209:9800:1b:5138:8a40:93a1 (None, ) 1 redirects

ASN- ()

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.12.142 (None, ) 1 redirects

ASN- ()

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (None, )

ASN- ()

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.198.113.204 (None, ) 2 redirects

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f10e:83:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (None, )

ASN- ()

tag.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (None, )

ASN- ()

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1364 widget-pixels.outbrain.com — Cisco Umbrella Rank: 3529 mv.outbrain.com — Cisco Umbrella Rank: 1847 mcdp-sadc1.outbrain.com — Cisco Umbrella Rank: 4845 sync.outbrain.com	97 KB
12	cookiepro.com cookie-cdn.cookiepro.com — Cisco Umbrella Rank: 6714	164 KB
9	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 cm.g.doubleclick.net — Cisco Umbrella Rank: 254	187 KB
8	brightspotcdn.com deseret.brightspotcdn.com — Cisco Umbrella Rank: 153292	704 KB
6	openx.net 4 redirects rtb.openx.net — Cisco Umbrella Rank: 982 us-u.openx.net u.openx.net hashtaglabs-d.openx.net	2 KB
6	googlesyndication.com aed277b1e66a59d4f11f8a33e7f06e64.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com Failed	59 KB
6	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	329 KB
6	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 2361	164 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 614 p.typekit.net — Cisco Umbrella Rank: 795	115 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 113 www.google.com	621 B
4	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 1250 cms.quantserve.com pixel.quantserve.com — Cisco Umbrella Rank: 1003	19 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 353 aax.amazon-adsystem.com — Cisco Umbrella Rank: 438	62 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 428 id.rlcdn.com	384 B
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 359	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 257	2 KB
3	restrainstorm.com restrainstorm.com — Cisco Umbrella Rank: 273133	45 KB
2	facebook.com www.facebook.com	243 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com	1 KB
2	360yield.com 2 redirects ice.360yield.com	871 B
2	yahoo.com 2 redirects ups.analytics.yahoo.com	769 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	exelator.com 2 redirects loadus.exelator.com	2 KB
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 494	957 B
2	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 1132	1 KB
2	pswec.com 2 redirects t.pswec.com	1 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1197	927 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 383	946 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 218	2 KB
2	bounceexchange.com assets.bounceexchange.com — Cisco Umbrella Rank: 2133 tag.bounceexchange.com	4 KB
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 162	714 B
2	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 624	965 B
2	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 9915 log.outbrainimg.com — Cisco Umbrella Rank: 2371	835 B
2	coralproject.net deseretnews.coral.coralproject.net — Cisco Umbrella Rank: 292215	31 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	180 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	2 KB
2	deseret.com uploads.deseret.com — Cisco Umbrella Rank: 232308	74 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	84 KB
2	htlbid.com htlbid.com — Cisco Umbrella Rank: 11321	94 KB
2	hromok-ca.shop hromok-ca.shop	31 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com	401 B
1	id5-sync.com id5-sync.com Failed cdn.id5-sync.com — Cisco Umbrella Rank: 808	25 KB
1	bing.com c.bing.com	669 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com	379 B
1	smaato.net 1 redirects s.ad.smaato.net	623 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 955	270 B
1	rubiconproject.com 1 redirects pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1199	854 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1777	473 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	363 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 533	652 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 620	338 B
1	im-apps.net sync-jp.im-apps.net — Cisco Umbrella Rank: 4525	740 B
1	zemanta.com b1sync.zemanta.com — Cisco Umbrella Rank: 573
1	bttrack.com api.bttrack.com — Cisco Umbrella Rank: 51436	436 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1172	634 B
1	amazonaws.com ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 13582	460 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 678	295 B
0	googleapis.com Failed fonts.googleapis.com Failed
0	ampproject.org Failed cdn.ampproject.org Failed
0	rtbsystem.com Failed cm.rtbsystem.com Failed
0	contextweb.com Failed bh.contextweb.com Failed
0	pubmatic.com Failed image2.pubmatic.com Failed
0	geistm.com Failed id.geistm.com Failed
0	unrulymedia.com Failed sync.targeting.unrulymedia.com Failed
0	linksynergy.com Failed tags.rd.linksynergy.com Failed
175	64

	Domain	Requested by
16	sync.outbrain.com	widgets.outbrain.com
12	cookie-cdn.cookiepro.com	hromok-ca.shop cookie-cdn.cookiepro.com
8	securepubads.g.doubleclick.net	htlbid.com tagan.adlightning.com www.googletagservices.com securepubads.g.doubleclick.net
8	deseret.brightspotcdn.com	hromok-ca.shop deseret.brightspotcdn.com
6	connect.facebook.net	hromok-ca.shop connect.facebook.net tagan.adlightning.com
6	tagan.adlightning.com	hromok-ca.shop tagan.adlightning.com
5	tpc.googlesyndication.com	tagan.adlightning.com hromok-ca.shop
5	widgets.outbrain.com	hromok-ca.shop tagan.adlightning.com widgets.outbrain.com
4	use.typekit.net	hromok-ca.shop use.typekit.net
3	x.bidswitch.net	3 redirects
3	ib.adnxs.com	2 redirects htlbid.com
3	restrainstorm.com	hromok-ca.shop tagan.adlightning.com restrainstorm.com
3	c.amazon-adsystem.com	htlbid.com c.amazon-adsystem.com
2	www.google.com	tagan.adlightning.com hromok-ca.shop
2	www.facebook.com	hromok-ca.shop
2	pixel-sync.sitescout.com	2 redirects
2	ice.360yield.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	u.openx.net	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	us-u.openx.net	1 redirects hromok-ca.shop
2	idsync.rlcdn.com	1 redirects widgets.outbrain.com
2	loadus.exelator.com	2 redirects
2	creativecdn.com	2 redirects
2	ps.eyeota.net	1 redirects widgets.outbrain.com
2	t.pswec.com	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	match.adsrvr.org	2 redirects
2	dpm.demdex.net	1 redirects widgets.outbrain.com
2	adservice.google.com	tagan.adlightning.com
2	sb.scorecardresearch.com	1 redirects hromok-ca.shop
2	secure.quantserve.com	www.googletagmanager.com tagan.adlightning.com
2	static.adsafeprotected.com	hromok-ca.shop
2	deseretnews.coral.coralproject.net	hromok-ca.shop deseretnews.coral.coralproject.net
2	www.googletagmanager.com	hromok-ca.shop tagan.adlightning.com
2	www.youtube.com	hromok-ca.shop tagan.adlightning.com www.youtube.com
2	uploads.deseret.com	hromok-ca.shop uploads.deseret.com
2	www.googletagservices.com	hromok-ca.shop tagan.adlightning.com
2	htlbid.com	hromok-ca.shop
2	hromok-ca.shop	deseret.brightspotcdn.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	cm.g.doubleclick.net	1 redirects
1	hashtaglabs-d.openx.net	1 redirects
1	tag.bounceexchange.com	tagan.adlightning.com
1	cdn.id5-sync.com	tagan.adlightning.com
1	pixel.quantserve.com	hromok-ca.shop
1	cms.quantserve.com	1 redirects
1	id.rlcdn.com	1 redirects
1	c.bing.com	widgets.outbrain.com
1	ssbsync.smartadserver.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	sync.crwdcntrl.net	widgets.outbrain.com
1	pixel-us-east.rubiconproject.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	widgets.outbrain.com
1	aa.agkn.com	widgets.outbrain.com
1	beacon.krxd.net	widgets.outbrain.com
1	sync-jp.im-apps.net	widgets.outbrain.com
1	b1sync.zemanta.com	widgets.outbrain.com
1	assets.bounceexchange.com	tagan.adlightning.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	rtb.openx.net	htlbid.com
1	api.bttrack.com	htlbid.com
1	aed277b1e66a59d4f11f8a33e7f06e64.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	mcdp-sadc1.outbrain.com	widgets.outbrain.com
1	rules.quantcount.com	secure.quantserve.com
1	ams-pageview-public.s3.amazonaws.com	hromok-ca.shop
1	log.outbrainimg.com	widgets.outbrain.com
1	mv.outbrain.com	tagan.adlightning.com
1	widget-pixels.outbrain.com	hromok-ca.shop
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	geolocation.onetrust.com	cookie-cdn.cookiepro.com
1	p.typekit.net	use.typekit.net
0	pagead2.googlesyndication.com Failed	tagan.adlightning.com
0	fonts.googleapis.com Failed	hromok-ca.shop
0	cdn.ampproject.org Failed	hromok-ca.shop
0	cm.rtbsystem.com Failed	widgets.outbrain.com
0	id5-sync.com Failed	widgets.outbrain.com cdn.id5-sync.com
0	bh.contextweb.com Failed	widgets.outbrain.com
0	image2.pubmatic.com Failed	widgets.outbrain.com
0	id.geistm.com Failed	widgets.outbrain.com
0	sync.targeting.unrulymedia.com Failed	widgets.outbrain.com
0	tags.rd.linksynergy.com Failed	widgets.outbrain.com
175	83

This site contains no links.

Subject Issuer	Validity	Valid
hromok-ca.shop R3	`2023-07-11` - `2023-10-09`	3 months	crt.sh
cookiepro.com Cloudflare Inc ECC CA-3	`2023-03-20` - `2024-03-19`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
origin.deseret.production.chorus.brightspot.cloud Amazon RSA 2048 M01	`2023-01-26` - `2024-02-25`	a year	crt.sh
htlbid.com Amazon RSA 2048 M01	`2023-02-21` - `2023-11-19`	9 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.adlightning.com Amazon RSA 2048 M01	`2023-07-08` - `2024-08-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-21` - `2023-07-20`	3 months	crt.sh
restrainstorm.com R3	`2023-05-29` - `2023-08-27`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
deseretnews.coral.coralproject.net GTS CA 1D4	`2023-05-29` - `2023-08-27`	3 months	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-02` - `2024-03-02`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-03-21` - `2023-12-19`	9 months	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-04` - `2024-04-21`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
assets.bounceexchange.com GTS CA 1D4	`2023-05-25` - `2023-08-23`	3 months	crt.sh
*.zemanta.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-09-06`	a year	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
tag.bounceexchange.com R3	`2023-05-24` - `2023-08-22`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://hromok-ca.shop/
Frame ID: 236870A9039CCB77BD82B5417E1460E6
Requests: 121 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=ed43fc21-ac6d-4f2d-b74d-e07d8a08382b
Frame ID: 1D98E39DE29679DEA04D4B1DF632256A
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 0A857502CDA6BBB4B6DFA3CD9B47B629
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: E101D2BDC41ED2363DFBCA6B9AE0B4E3
Requests: 34 HTTP requests in this frame

Frame: https://aed277b1e66a59d4f11f8a33e7f06e64.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 01D5822D174C1FDA966E03A53C0E9922
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Frame ID: F374F6D3EC8E0ECF84793FBB36BBCF9E
Requests: 3 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Frame ID: DF0D0F434799B995E82AD77290386E9F
Requests: 11 HTTP requests in this frame

Frame: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Frame ID: 34B16D0C3246E2E577C0A63D9CD5DCAB
Requests: 10 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9378C5CE23E8399F08350EC7D7310D99
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

175
Requests

63 %
HTTPS

33 %
IPv6

64
Domains

83
Subdomains

49
IPs

4
Countries

2481 kB
Transfer

6110 kB
Size

Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://sb.scorecardresearch.com/b?c1=2&c2=16033947&ns__t=1689238935080&ns_c=UTF-8&c8=Bill%20Gates%3A%20AI%20will%20kill%20off%20Amazon%2C%20Google%20and%20power%20humanoid%20workers%20-%20Deseret%20News&c7=https%3A%2F%2Fhromok-ca.shop%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=16033947&ns__t=1689238935080&ns_c=UTF-8&c8=Bill%20Gates%3A%20AI%20will%20kill%20off%20Amazon%2C%20Google%20and%20power%20humanoid%20workers%20-%20Deseret%20News&c7=https%3A%2F%2Fhromok-ca.shop%2F&c9=

Request Chain 100

https://idsync.rlcdn.com/420046.gif?partner_uid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CM7RGRJMCkgIARC-ngEaQHNOU1UtbFdPV0lOZDZqS1FFdVJvMkZzSUpkM0dNNDhOU0NKeHd6eU55R3h0WGxtaDBicU0yUDIzQlA4VXdhTm0QABoNCJv7vqUGEgUI6AcQAEIASgA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=5b2de925b4477f12b40845cbad711f2f28a987ad35759b3fbf94eed76703975f791426b5417dce21&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA1YjJkZTkyNWI0NDc3ZjEyYjQwODQ1Y2JhZDcxMWYyZjI4YTk4N2FkMzU3NTliM2ZiZjk0ZWVkNzY3MDM5NzVmNzkxNDI2YjU0MTdkY2UyMRAAGgwInvu-pQYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA1YjJkZTkyNWI0NDc3ZjEyYjQwODQ1Y2JhZDcxMWYyZjI4YTk4N2FkMzU3NTliM2ZiZjk0ZWVkNzY3MDM5NzVmNzkxNDI2YjU0MTdkY2UyMRAAGgwInvu-pQYSBAgCEABCAEoA&google_gid=CAESEJpCB3asqBWf0HFOUu5CliU&google_cver=1 HTTP 307
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=

Request Chain 102

https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dappnexus%26uid%3D%24UID%26obUid%3DsNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=804995347436160039&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob

Request Chain 103

https://dpm.demdex.net/ibs:dpid=133726&dpuuid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_pd=1&gdpr_consent=

Request Chain 105

https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://sync.outbrain.com/cookie-sync?p=ttd&uid=b1fee8f7-8bb4-4941-8b35-9b2d18eb1126&gdpr=0&gdpr_consent=

Request Chain 108

https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=81de382d-e849-4587-bacc-0e01af01b005&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 109

https://x.bidswitch.net/sync?ssp=outbrain&user_id=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=outbrain&user_id=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
https://t.pswec.com/bsw_sync?ssp=outbrain&bsw_user_id=4c8ce368-e220-41e2-a7fd-9fa1004727a7 HTTP 302
https://t.pswec.com/ul_cb/bsw_sync?ssp=outbrain&bsw_user_id=4c8ce368-e220-41e2-a7fd-9fa1004727a7 HTTP 302
https://x.bidswitch.net/sync?dsp_id=2&user_id=5d1bc30d-e94e-4ae9-85ce-04962bd0f4ff&expires=3&user_group=1&ssp=outbrain HTTP 302
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=4c8ce368-e220-41e2-a7fd-9fa1004727a7&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 111

https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECKGhvUYlQUlB9vIbcTj1As&google_cver=1 HTTP 302
https://sync.1rx.io/usersync/bidswitch/4c8ce368-e220-41e2-a7fd-9fa1004727a7?gdpr=&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync/bidswitch/4c8ce368-e220-41e2-a7fd-9fa1004727a7?zcc=1&cb=1689238943891 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-c5e9cc2d-318c-462e-95bb-11ea6a34f783-005

Request Chain 112

https://dsp.adfarm1.adition.com/cookie/?ssp=25&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7255225998158592152&gdpr=0&gdpr_consent=

Request Chain 113

https://ps.eyeota.net/match?bid=1mpn7m0&uid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm HTTP 302
https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm

Request Chain 115

https://creativecdn.com/cm-notify?pi=outbrain&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
https://creativecdn.com/cm-notify?pi=outbrain&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&tc=1 HTTP 302
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=K9crs6dR00wX0yy79Ufe&pi=outbrain&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&tc=1

Request Chain 116

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LK0X900I-17-JR1&obUid=&initiator=&gdpr=0&us_privacy=1---

Request Chain 118

https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm HTTP 302
https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&xl8blockcheck=1 HTTP 302
https://idsync.rlcdn.com/397416.gif?partner_uid=3d9b5230dfd511ed069233e68413a79e HTTP 307
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=1cddb16f-08ec-491a-b734-623f5f1ccea4

Request Chain 119

https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DsNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DsNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob&s=193091&C=1 HTTP 302
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=ZK-9np85KbjHq-B3XtD-wwAADf0AAAAB&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob

Request Chain 120

https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253DsNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm%2526gdpr%253D0%2526initiator%253Dob%2526gdpr_consent%253D%2526us_privacy%253D1---%2526uid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253DsNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm%2526gdpr%253D0%2526initiator%253Dob%2526gdpr_consent%253D%2526us_privacy%253D1---%2526uid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjMzRDdCN0UtQTBCNy00MkVELTlBNTYtQjVGMzM5MjA0MENF&gdpr=-1&gdpr_consent=PM_CONSENT HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=PM_CONSENT

Request Chain 121

https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob%26obUid%3DsNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm%26uid%3D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob%26obUid%3DsNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm%26uid%3D HTTP 302
https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&uid=f90ae70e-ba45-4286-8b22-b061de3c6857

Request Chain 122

https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&us_privacy=1---&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&us_privacy=1---&redir=true&verify=true HTTP 302
https://sync.outbrain.com/cookie-sync?p=oath&uid=y-eXgK_KpE2uHHlSajHHtvYn5gAFPrvsk1DUgY04U-~A&gdpr=0

Request Chain 123

https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DsNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
https://ice.360yield.com/ul_cb/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DsNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=cf6f6abe-6069-4b4e-8dd2-51a4243a28d3&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob

Request Chain 124

https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DsNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
https://sync.outbrain.com/cookie-sync?p=smaato&uid=f77b551&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob

Request Chain 125

https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DsNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
https://sync.outbrain.com/cookie-sync?p=smart&uid=4085074864649846472&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob

Request Chain 127

https://id.rlcdn.com/711945.gif?ct=4&cv= HTTP 307
https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&

Request Chain 128

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DsNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=127&gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DsNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
https://sync.outbrain.com/cookie-sync?p=centro&uid=4b1d04ac-7e8d-4533-90c8-472901c9ecbc-64afbda0-4341&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob

Request Chain 129

https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&us_privacy=1---&initiator=ob&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&uid=280kRI-dfEDAzCZE1M1oGtWacxPAz3QS1MFO69eX

Request Chain 158

https://hashtaglabs-d.openx.net/w/1.0/pd?us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECH_nmEIP1UU1Fe0gGApNu0&google_cver=1

175 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
hromok-ca.shop/ 122 KB
30 KB 992ms
501ms Document
text/html 2a01:4f8:140:8224::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hromok-ca.shop/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:140:8224::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: d07461f48d7f187393d0e87635053082d75069133a1ec7b9828bec3b66f40bc7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 13 Jul 2023 09:02:10 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding

GET
H2 200 OtAutoBlock.js Show response
cookie-cdn.cookiepro.com/consent/f7029bfa-4907-411f-b3ea-2327c44ae364/ 11 KB
3 KB 399ms
84ms Script
application/x-javascript 2606:4700::6812:1053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/f7029bfa-4907-411f-b3ea-2327c44ae364/OtAutoBlock.js

Requested by

Host: hromok-ca.shop
URL: https://hromok-ca.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1053 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1691528e16358e4a55f27a5960fdb5c5cfc05671e6682aa5d28ce102f483e758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jul 2023 09:02:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: Tir0qK8nCZjoJmsFueP6dw==
age: 35642
x-ms-lease-status: unlocked
last-modified: Mon, 26 Jun 2023 19:15:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3cba9668-501e-00b6-3562-a84a3b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7e6058791c3bca47-YUL

GET
H2 200 otSDKStub.js Show response
cookie-cdn.cookiepro.com/scripttemplates/ 21 KB
7 KB 393ms
79ms Script
application/javascript 2606:4700::6812:1053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Requested by

Host: hromok-ca.shop
URL: https://hromok-ca.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1053 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffc79feebdfe105c3de8840c2a5814b3fae59d3529463fdf9329080967ed92ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jul 2023 09:02:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: Ss3gfiwT9vXTSvNlfc+4JQ==
age: 47823
x-ms-lease-status: unlocked
last-modified: Fri, 30 Jun 2023 01:43:23 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 92d18d64-301e-00a0-0a7d-abbcec000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7e6058791c3cca47-YUL
expires: Fri, 14 Jul 2023 09:02:11 GMT

GET
H2 200 qzq4qkv.css
use.typekit.net/ 5 KB
1 KB 362ms
44ms Stylesheet
text/css 2600:141b:13::17d7:8252
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/qzq4qkv.css

Requested by

Host: hromok-ca.shop
URL: https://hromok-ca.shop/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:13::17d7:8252 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

18e417acc2170bc5559488138d56f4d308d36104a26eff8c23dd2cb371ab514a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 13 Jul 2023 09:02:11 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 890

GET
H2 200 All.min.8f6c6b1790d4e66aac972073b172d445.css
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/ 330 KB
331 KB 354ms
36ms Stylesheet
text/css 52.85.61.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.8f6c6b1790d4e66aac972073b172d445.css?v=1212
Requested by: Host: hromok-ca.shop
URL: https://hromok-ca.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-21.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b322ec4f04cce9da5fdb6d36fbc9aa027d5542b06fea9dcf18225f36e02f480f

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 21:05:56 GMT
via: 1.1 95edb2a6efdb5ee4d3c7f7aa298bb2f2.cloudfront.net (CloudFront)
last-modified: Fri, 19 May 2023 17:43:10 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
age: 647776
etag: "71b2d865637fde9a862f9c216c4e765a"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 338142
x-amz-cf-id: kGUk-CqlBVC_y3OZ2o57gm5HElUB10wa5lHPP34idduuTN5ZwTO2Lg==

GET
H2 200 webcomponents-loader.2938a610ca02c611209b1a5ba2884385.js Show response
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/webcomponents-loader/ 2 KB
3 KB 451ms
133ms Script
text/javascript 52.85.61.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/webcomponents-loader/webcomponents-loader.2938a610ca02c611209b1a5ba2884385.js
Requested by: Host: hromok-ca.shop
URL: https://hromok-ca.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-21.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e524d44843e7d1c9ec644402f6d3c2b74655676f373b5c1338807c11afc2325e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:19:11 GMT
via: 1.1 95edb2a6efdb5ee4d3c7f7aa298bb2f2.cloudfront.net (CloudFront)
last-modified: Mon, 28 Feb 2022 14:08:13 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
age: 1489381
etag: "c7d9f55830713ddc982a9a67c539f51f"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2440
x-amz-cf-id: 7TYBzSIo9GKVBYzOj9W-NRtt3luGmngZVlTdCtkRUDbz_rc7x33wLA==

GET
H2 200 All.min.56ae7bb82928de8956855faca94cacf3.js Show response
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/ 184 KB
184 KB 180ms
18ms Script
text/javascript 52.85.61.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/All.min.56ae7bb82928de8956855faca94cacf3.js
Requested by: Host: hromok-ca.shop
URL: https://hromok-ca.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-21.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5a0362e68aa5fb86e1965e04df43b93abeb2e0b145d1f7c4facb4a8f9947accc

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 21:05:56 GMT
via: 1.1 95edb2a6efdb5ee4d3c7f7aa298bb2f2.cloudfront.net (CloudFront)
last-modified: Tue, 14 Mar 2023 15:10:21 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
age: 647777
etag: "437d8f069a00ed97cec284e518595b84"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 188185
x-amz-cf-id: lP0rabLwC7SYcLHA2ywp8g-6AwI7cZoEF-pq0x70X6100JIo4mqvjQ==

GET
H2 200 htlbid.css
htlbid.com/v3/deseret.com/ 4 KB
878 B 489ms
181ms Stylesheet
text/css 13.33.60.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/deseret.com/htlbid.css
Requested by: Host: hromok-ca.shop
URL: https://hromok-ca.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-51.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ade64b94b199f7eed364aed791007ad5ea08cb6b4d23d29a4e525eed6d546cc3

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:12 GMT
content-encoding: br
via: 1.1 ebfea1c8ef298b6d415684e80825a276.cloudfront.net (CloudFront)
last-modified: Tue, 06 Jun 2023 18:26:03 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
x-amz-server-side-encryption: AES256
etag: W/"a18677c6faa95e37000068d366bbdeb4"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: max-age=600
x-amz-cf-id: F6ZWOehVetyot2prnWEjpXtjmbhz2HrXmPDiphXQq7r7rH72I4Um3Q==

GET
H2 200 htlbid.js Show response
htlbid.com/v3/deseret.com/ 360 KB
94 KB 416ms
109ms Script
application/javascript 13.33.60.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/deseret.com/htlbid.js
Requested by: Host: hromok-ca.shop
URL: https://hromok-ca.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-51.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31dafbe7715d515d4b8f11b719eb0431d2fb111a062447e2e76a8351c97a627a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:12 GMT
content-encoding: br
via: 1.1 ebfea1c8ef298b6d415684e80825a276.cloudfront.net (CloudFront)
last-modified: Tue, 06 Jun 2023 18:26:03 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
x-amz-server-side-encryption: AES256
etag: W/"90b905370f8bd50a600e0eab0962b367"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: lbd6bme3RcQCgAhjBViYzBMAciqWzzTxPg0NR9BN6DWZaIAQM1p_Eg==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
27 KB 587ms
28ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hromok-ca.shop
URL: https://hromok-ca.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41cda7fd0df5e6fcaf68cc9368d80aed3cccd29a138e2b4aa0f44f63a1a44b23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27642
x-xss-protection: 0
server: cafe
etag: 355 / 19551 / 31076034 / config-hash: 5399332811747128074
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 09:02:12 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/deseretdigital/ 62 KB
26 KB 551ms
0ms Script
application/javascript 54.230.163.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/deseretdigital/op.js
Requested by: Host: hromok-ca.shop
URL: https://hromok-ca.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-106.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8929d94e910af00977ccc910ac9ecd3bb69d58433f59074d38d4c6487acb41aa

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: keO912r3ppVnJWgiSUOe_GVEuevdxp5I
content-encoding: gzip
via: 1.1 29cdae592cbcdf154c4515153175497e.cloudfront.net (CloudFront)
date: Thu, 13 Jul 2023 08:31:39 GMT
x-amz-cf-pop: EWR53-C3
age: 1834
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26223
x-amz-meta-git_commit: e09f10f
last-modified: Thu, 06 Jul 2023 20:31:55 GMT
server: AmazonS3
etag: "bccc066352d100b1512fc6b4b7c659c7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 7Rwrf8YirqQqfeFRHNc5478hn7kNVEiABEU0_CJJE4rcWnLPp8I4Qg==

GET
H2 200 deseret-scripts.bsp.min.js Show response
uploads.deseret.com/scripts/ 220 KB
73 KB 566ms
7ms Script
text/javascript 2606:4700:10::6816:1971
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads.deseret.com/scripts/deseret-scripts.bsp.min.js
Requested by: Host: hromok-ca.shop
URL: https://hromok-ca.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1971 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 710085fc2266bb1adf635ca38d7bcac541bd0b2c30ee9a0e102eb3fbbc813043

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 05 Jun 2023 18:45:28 GMT
server: cloudflare
x-amz-request-id: VX48SPGYDWAABYG0
age: 119
etag: W/"ec44c104e898d162f03a92ce6701f92c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 7e6058819df04372-EWR
x-amz-id-2: z7uiOy/7cGVMBcr26u6bwqObNTfRJNr7jw3DH/AljXB/xAA2CE2I1yy1I2olh7+kC91V9G4GGI8=

GET
H2 200 iframe_api Show response
www.youtube.com/ 1006 B
2 KB 577ms
18ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: hromok-ca.shop
URL: https://hromok-ca.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba4dde2c5e2251033818c4f743e6bb20635f9c2ea216bd000b7b882bb9bb4e62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 13 Jul 2023 09:02:12 GMT

GET Benton_Sans_Regular.a86565d35df3a9fb1e50b963cbf97a13.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 0
0

GET Benton_Sans_Bold.8cb714e2e55e898768c36431818db72f.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 0
0

GET Benton_Sans_Condensed_Medium.bb363d55467296410f913b84056528f9.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 0
0

GET Poynter_Oldstyle_Display_Bold.26cefedcab11054b85987ff2f992a2c5.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 0
0

GET Poynter_Oldstyle_Text_Italic.9f7066049b8a07ca0e905ba46c8645f4.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 0
0

GET Poynter_Oldstyle_Text_Roman.7d4d83ea55695b66b9beb992fadfb14b.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 0
0

GET Poynter_Oldstyle_Text_Bold.401d3b047965b9833f0ef9a4299972b2.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 0
0

GET Benton_Sans_Regular.409a2ac6bc1aa08eb312bd751e5b8f40.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 0
0

GET Benton_Sans_Bold.d49a5ce3e771acb6ef7780dfb8628852.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 0
0

GET Benton_Sans_Condensed_Medium.93a6c93a1977e45c6c8110ece8b4b5d0.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 0
0

GET Poynter_Oldstyle_Display_Bold.3ae2bb4526d6e998f6f95c1227253d91.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 0
0

GET Poynter_Oldstyle_Text_Italic.1852359a620808c5c15d4adc10b281d9.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 0
0

GET Poynter_Oldstyle_Text_Roman.a3e2828fcd9d3b031c3d3e07aea3d55e.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 0
0

GET Poynter_Oldstyle_Text_Bold.5151938f16d42d400f1b1b6cf8ce28b0.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/ 0
0

GET
H2 200 deseret.svg
deseret.brightspotcdn.com/a8/e0/1f3859ae45049aa4e408a6134060/ 5 KB
5 KB 178ms
16ms Image
image/svg+xml 52.85.61.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deseret.brightspotcdn.com/a8/e0/1f3859ae45049aa4e408a6134060/deseret.svg
Requested by: Host: hromok-ca.shop
URL: https://hromok-ca.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-21.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e56d46b73d36a4cd2959b5163de05df3f69ed1a27f99ffed7bd73089ba7ab88

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 09:18:01 GMT
via: 1.1 95edb2a6efdb5ee4d3c7f7aa298bb2f2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Feb 2022 13:41:52 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
age: 1208652
etag: "96da6f127c1dfe20cd4dd8043d3b2711"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 5129
x-amz-cf-id: hFPNyDVMTX7y5O7EXrX2etYixrb0fVHGdrPM-YeE4CpbyiZIZC-qrw==

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 230 KB
84 KB 557ms
0ms Script
application/x-javascript 96.16.196.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: hromok-ca.shop
URL: https://hromok-ca.shop/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.196.219 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-196-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4e613ea62e3357c2efdb4e7b109368cfed602b021033f530bc41c8eb8e96090f

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:12 GMT
content-encoding: gzip
last-modified: Sun, 09 Jul 2023 10:16:14 GMT
etag: "17-kjRqfSgLxzATLlqp6eEHuHRj4gY"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14500
access-control-allow-credentials: false
x-traceid: 47e5c01a72fa7743c0b0513d8c6b4a68
timing-allow-origin: *, *
content-length: 85149
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 deseret-all-white.svg
deseret.brightspotcdn.com/f5/3a/e18fad7149db9774e45b66febd3e/ 6 KB
6 KB 178ms
17ms Image
image/svg+xml 52.85.61.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deseret.brightspotcdn.com/f5/3a/e18fad7149db9774e45b66febd3e/deseret-all-white.svg
Requested by: Host: hromok-ca.shop
URL: https://hromok-ca.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-21.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb0937c8795554e0837a02e3c17fc431c8665d70b631fd4bc285e8c10e5e22a6

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 09:18:01 GMT
via: 1.1 95edb2a6efdb5ee4d3c7f7aa298bb2f2.cloudfront.net (CloudFront)
last-modified: Fri, 18 Feb 2022 17:21:55 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
age: 1208652
etag: "1e425a1d2e93778d611f9b7683f6837e"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 6126
x-amz-cf-id: DhtpOgTrfgeKdHDp4rgdVy0oCbpkl5MEtzYC8axSn5_PUkOWiz5vBA==

GET
H2 200 bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.js Show response
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/_resource/analytics/ 9 KB
9 KB 186ms
18ms Script
text/javascript 52.85.61.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.js
Requested by: Host: hromok-ca.shop
URL: https://hromok-ca.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-21.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:19:11 GMT
via: 1.1 95edb2a6efdb5ee4d3c7f7aa298bb2f2.cloudfront.net (CloudFront)
last-modified: Mon, 28 Feb 2022 14:08:14 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
age: 1489382
etag: "1a2f1fe1fc7fa73fb45eb8a7b1b94b95"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 9273
x-amz-cf-id: TaUDX2mnlDDnkGRzkpH8y_0a1dAWkFQPCKCiV2Vuva3Gwr7L37bHhw==

GET
H2 200 f7029bfa-4907-411f-b3ea-2327c44ae364.json Show response
cookie-cdn.cookiepro.com/consent/f7029bfa-4907-411f-b3ea-2327c44ae364/ 4 KB
2 KB 409ms
103ms XHR
application/x-javascript 2606:4700::6812:1053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/f7029bfa-4907-411f-b3ea-2327c44ae364/f7029bfa-4907-411f-b3ea-2327c44ae364.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1053 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50e378c7aa7ad5b23df32fb96dd0f293cbaa9c51e72047aca49dfeb12b18990d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jul 2023 09:02:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: c3HWtXP90yuZCcZp4eDixw==
x-ms-lease-status: unlocked
last-modified: Mon, 26 Jun 2023 19:15:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 354c5b6c-e01e-0047-18f1-b45316000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7e60587c7bae713e-YUL

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 270ms
0ms Stylesheet
text/css 2600:141b:13::17d7:8252
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=qzq4qkv&ht=tk&f=30813.30814.30816.30818.30834.31040.31047&a=12600432&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:8252 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:11 GMT
last-modified: Thu, 09 Mar 2023 17:19:04 GMT
server: nginx
etag: "640a1508-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
26 KB 603ms
46ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: htlbid.com
URL: https://htlbid.com/v3/deseret.com/htlbid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce2b6aa9e453dac040ec4d3fa1fee26e4a1a02449216cd3e1e63da7b2c62be8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25720
x-xss-protection: 0
server: cafe
etag: 153 / 19551 / 31076083 / config-hash: 5399332811747128074
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 09:02:12 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 236 KB
58 KB 574ms
6ms Script
application/javascript 143.204.151.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/deseret.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-151-99.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6cdf5b8d8528713b5a7b3fae738d27e6107afa0cc3a8e691a9d612303f6dfd7a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 08:37:25 GMT
content-encoding: gzip
via: 1.1 28b7c2485796d46f9fb0b0705162491a.cloudfront.net (CloudFront), 1.1 57a894c75d329d29ecabaa7a88eb80a4.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 21:03:21 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-P2, EWR52-C2
age: 1488
x-amz-server-side-encryption: AES256
etag: W/"7c6a36eb4b73f6b7cf4a63a33418a2c9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: b8szDlxmMrIz9daNTNUzsPBdEbOcqcIKcW36TLjBE4ooX5YiwqCFsg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 270 KB
90 KB 603ms
47ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W9QHGH

Requested by

Host: hromok-ca.shop
URL: https://hromok-ca.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

608cf6fdd442eaa73d0e6a5f331bc73fb30347c39057e130faf533431551b03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91835
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 13 Jul 2023 09:02:12 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 547ms
0ms Script
application/x-javascript 2a03:2880:f00e:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: hromok-ca.shop
URL: https://hromok-ca.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f61115d7a15f95b2788e6f7fd5fbc22075cf23ee83fc45e3cbf4cdf057c1b2ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jul 2023 09:02:12 GMT
content-md5: kUeNEzvEQh+J5qPmrzHsZQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-debug: yeczFIEgzDRDC+lLpc+u9cRQqUZ/X99icbVpnnFM3hhL8Ij18dRJ/OEVlu6hocmDJ1KnjedD7mpb6MVzJ5jnlw==
x-fb-content-md5: 16a18e949409d7017b074fffb75c54c4
cross-origin-opener-policy: same-origin-allow-popups
etag: "8c76a9c94835e8524ac7d67baf00b5d5"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 13 Jul 2023 09:19:09 GMT

GET
H2 200 v2ghq4H8pSqsSE5TvCRMeg19JrcNjnOdwdTO_2xu06qvex-mky4fUPQk Show response
restrainstorm.com/ 63 KB
23 KB 588ms
36ms Script
text/javascript 2600:1901:0:7a38::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://restrainstorm.com/v2ghq4H8pSqsSE5TvCRMeg19JrcNjnOdwdTO_2xu06qvex-mky4fUPQk

Requested by

Host: hromok-ca.shop
URL: https://hromok-ca.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7a38::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

bb311a0fd46dbef6a3d721fafe96428cae2875bf97826a7c97eedc380072aef2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Thu, 13 Jul 2023 09:02:12 GMT
x-datacenter: gce-us-east1
etag: "5a8f4cb873e0c9431f58655e60eedefad9fa4d6ec2c5d995041231e60e2ad8f0"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-us-east1-spot-nd3x
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 924731853
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 529ms
25ms XHR
application/json 2606:4700::6812:1c26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db0da7efe3ac5fc9e598f71e291326f137ea7bbbf97fed4fee0e86b717b0d9a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7e6058819d814bbe-YUL
access-control-allow-headers: Content-Type

GET 228f7278b56ec5f4c512.8764e4dc5bb5d6dc0a7723926dadba3f.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/ 0
0

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af8574c64eb8a1a24537fe67d1c22a775ddff60c52157b8922dae42caf91db97

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET 3811c0417f2e9e014f1d.3fbdfab499553e66ade62aa089808383.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/ 0
0

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 742eda3b2d2aefb9c25c7daa5dfe251f02317aae3027a7f8221710d9a5a3d3d5

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6228e761dcb43896055c3e8271b1e4dfd480df47f1ee88c57c1000b991e60c0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13cf20ab39f2ee3b1029137d2f0bc18158f3414cc77af987c091aa6b2438b769

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET 9a8d32d539073ef74f3e.64eccfd09cafb2704571be2d12cc225b.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/ 0
0

GET d02ee5d3226eb0e8bf36.bd48110194a908a4a1e939b1656d318a.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/ 0
0

GET 56873dddf01c173e6d7c.86be8971ac1519f2cfdf90b1b087eeaa.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/ 0
0

GET a9fcb7d84180304e8fe7.f07418e94d3ab3dc90c1135c26084266.woff2
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/ 0
0

GET
H2 200 embed.js Show response
deseretnews.coral.coralproject.net/assets/js/ 105 KB
30 KB 269ms
40ms Script
application/javascript 35.244.156.29
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://deseretnews.coral.coralproject.net/assets/js/embed.js

Requested by

Host: hromok-ca.shop
URL: https://hromok-ca.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.156.29 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

29.156.244.35.bc.googleusercontent.com

Software

Resource Hash

62ef682c38ec798a115e152d5dda9b9e731fc734b9ed3f188af227aaf65fe40a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jul 2023 08:43:34 GMT
via: 1.1 google
age: 1119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30665
x-xss-protection: 1; mode=block
x-trace-id: 5a36a280-2159-11ee-83da-89fcb19ad1a9
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Jun 2023 14:57:08 GMT
etag: W/"77c9-188fd5bbda0"
vary: Accept-Encoding
content-language: en-US
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800, s-max-age=604800
accept-ranges: bytes

GET
H2 200 otBannerSdk.js
cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/ 404 KB
94 KB 167ms
70ms Script
application/javascript 2606:4700::6812:1053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/otBannerSdk.js

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1053 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jul 2023 09:02:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: XJk1ZZTljtwHFT3qcIJg+w==
age: 50315
x-ms-lease-status: unlocked
last-modified: Fri, 09 Jun 2023 01:34:32 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f6dfab97-701e-009e-5190-9a2b93000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7e605886ed4dca47-YUL
expires: Fri, 14 Jul 2023 09:02:13 GMT

GET 6beab6a675108945ea18.a8ea55985305b53e31a1feb3cb8fdd12.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/ 0
0

GET 18276429547f3d554011.e180fad043a83296528427bc04dbabf3.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/ 0
0

GET 77fb4accf5df60b92e2e.2c702352e292ec517a9cbee418d2e331.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/ 0
0

GET 37e66169e9da4c9b3b71.b8ca7a663365c7b822c7f9285a24693c.woff
deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/ 0
0

GET
DATA 200
OK truncated
/ 87 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d37a519f3a04fe4c01c920f2ba0cf85283ebd419b5d101a606c5ee2b33f19b35

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 l
use.typekit.net/af/49ef66/00000000000000003b9b2cfc/27/ 37 KB
37 KB 179ms
21ms Font
application/font-woff2 2600:141b:13::17d7:8252
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/49ef66/00000000000000003b9b2cfc/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:8252 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 351ba2ac20d28ffadb1115a6dd19d3a789cbd9d30d88630ca6d0a9a7fa6122d9

Request headers

Referer: https://use.typekit.net/qzq4qkv.css
Origin: https://hromok-ca.shop
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:13 GMT
server: nginx
etag: "cea691f813baff9c459e093daf1ff69d154fedc0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 37980

POST
H2 404 _track
hromok-ca.shop/ 2 KB
1 KB 144ms
127ms XHR
text/html 2a01:4f8:140:8224::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hromok-ca.shop/_track
Requested by: Host: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:140:8224::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 13 Jul 2023 09:02:14 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 l
use.typekit.net/af/343e47/00000000000000003b9b2cf9/27/ 38 KB
39 KB 24ms
24ms Font
application/font-woff2 2600:141b:13::17d7:8252
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/343e47/00000000000000003b9b2cf9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:8252 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 63d8f08bbefb4763417e02b92ddc2b4e2fb66ac0418e20dcf9271f5f49d4236c

Request headers

Referer: https://use.typekit.net/qzq4qkv.css
Origin: https://hromok-ca.shop
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:14 GMT
server: nginx
etag: "9a0ddb2a9b3aa5e4eb0cc25f50e612d5ae59958a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 39344

GET
H3 200 sdk.js
connect.facebook.net/en_US/ 301 KB
85 KB 83ms
43ms Script
application/x-javascript 2a03:2880:f00e:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=6bb03e46fe07da6027b63f65bffe7058

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
Origin: https://hromok-ca.shop
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jul 2023 09:02:14 GMT
content-md5: CwBdZNmGM0/CSQcGr+r2Uw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87289
x-fb-debug: 1uTgKsqBFMHaj4y80HaPZkTBUIH2yIsu78CgmotDfYU8Yzkuu53rkQPocSq66GjB0wOgmqfCT7ZJCu3J0v5ebQ==
x-fb-content-md5: f60aebb4f7a09ecf1ace522eb084d322
cross-origin-opener-policy: same-origin-allow-popups
etag: "bdcbacf75308ace3ba21a98648d4fa05"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 12 Jul 2024 07:38:00 GMT

GET
H2 200 b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ 79 KB
30 KB 50ms
49ms Script
application/javascript 54.230.163.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-106.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:22:15 GMT
content-encoding: gzip
via: 1.1 29cdae592cbcdf154c4515153175497e.cloudfront.net (CloudFront)
x-amz-version-id: zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop: EWR53-C3
age: 3256800
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29795
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:21:55 GMT
server: AmazonS3
etag: "8e8814a257127c5444a137691d0355fe"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: yJomsXOVSpBlcYiL9d4yJs4uNmZzTqvKi2JppJ0mxF1LUJe4wn_fdw==

GET
H2 200 bl-1e0054c-3f7000e9.js
tagan.adlightning.com/deseretdigital/ 46 KB
19 KB 64ms
64ms Script
application/javascript 54.230.163.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/deseretdigital/bl-1e0054c-3f7000e9.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-106.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:38:29 GMT
content-encoding: gzip
via: 1.1 29cdae592cbcdf154c4515153175497e.cloudfront.net (CloudFront)
x-amz-version-id: 8qJDEvReEYefMPXWQvHPv.HCa440tGF5
x-amz-cf-pop: EWR53-C3
age: 563026
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 19159
x-amz-meta-git_commit: 1e0054c
last-modified: Thu, 06 Jul 2023 20:31:21 GMT
server: AmazonS3
etag: "88dc6fe0f2e89f26e6b352618cbc119b"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: AeGL8CXUVwM-yGSsRgvKhmC1SWnxjXUSypGO0dpesCLOxK-AmqRl1Q==

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/webp

GET
H/1.1 200
OK aHJvbW9rLWNhLnNob3A=
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 484ms
308ms XHR
application/json 23.52.152.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/aHJvbW9rLWNhLnNob3A=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.152.237 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-152-237.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 09:02:14 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=43200
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: eddd4b048ecd30a4660d7c51f7b1d217
Content-Length: 16
Expires: Thu, 13 Jul 2023 21:02:14 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
371 B 62ms
24ms Image
image/gif 96.16.196.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: hromok-ca.shop
URL: https://hromok-ca.shop/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.196.219 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-196-219.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 12 Aug 2023 09:02:14 GMT
date: Thu, 13 Jul 2023 09:02:14 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 295ms
109ms XHR
application/javascript 143.204.151.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-151-99.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:15 GMT
x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 ac664c0310f2b9554aba4708107d094c.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 1JaP0PqmCvkSQay76T5v7BPX241rDpxu8fy1XG6J59IXy6VqTOO5Tw==

GET
H2 200 pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/ 391 KB
125 KB 98ms
18ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js?cb=31076034

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 18:36:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51937
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127471
x-xss-protection: 0
server: cafe
etag: 16392902606907886609
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 11 Jul 2024 18:36:37 GMT

GET
H3 200 ppub_config
securepubads.g.doubleclick.net/pagead/ 47 B
72 B 238ms
77ms XHR
application/json 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=hromok-ca.shop

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48
x-xss-protection: 0
expires: Thu, 13 Jul 2023 09:02:14 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
483 B 234ms
32ms Image
image/gif 2600:9000:21dd:6c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adslot=dqovp_728x90_
Requested by: Host: hromok-ca.shop
URL: https://hromok-ca.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:6c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 07:41:00 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 d8231fd704ad0bc5e49083372d79c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 13656074
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: Cf9pjytsc2ZsXqut8L1X1MRO6JvuGCKVGvG1gYu9WDDfUbXWtk9JoA==

GET
H2 200 newsBanner.json
uploads.deseret.com/files/deseret-news/ 2 B
393 B 254ms
131ms Fetch
application/json 2606:4700:10::6816:1971
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads.deseret.com/files/deseret-news/newsBanner.json
Requested by: Host: uploads.deseret.com
URL: https://uploads.deseret.com/scripts/deseret-scripts.bsp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1971 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:14 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 21 Mar 2023 17:57:59 GMT
server: cloudflare
x-amz-request-id: 6PXRFFXHHR35T7GJ
etag: "d751713988987e9331980363e24189ce"
x-amz-server-side-encryption: AES256
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 7e60588ebed041d3-EWR
content-length: 2
x-amz-id-2: FLo7ejAT0EPGW98DFkjPp8kOqB8VEb5Di+R0EvegUzlSI7oGLZY6Nir8Z/5Jkh3CdRmFwS17nA0=

GET
H2 200 get
mv.outbrain.com/Multivac/api/ 2 KB
2 KB 550ms
358ms Script
text/javascript 146.75.34.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fhromok-ca.shop%2F&idx=0&rand=98435&widgetJSId=AR_1&va=true&et=true&format=html&px=250&py=3583&vpd=2383&cw=770&settings=true&recs=true&key=NANOWDGT01&adblck=false&abwl=false&ab=0&wl=0&umv=1&activeTab=true&version=2010370&sig=tlMAwI56&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpa=1---&ccpaStat=1&chs=1&ogn=https%3A%2F%2Fhromok-ca.shop%2F
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.34.132 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 13 Jul 2023 09:02:15 GMT
content-encoding: br
via: 1.1 varnish
traffic-path: SADC1, IAD, North_America
x-cache: MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-traceid: 6b9e9066c67bd2883c464ad2bef34530
content-length: 1050
x-served-by: cache-iad-kjyo7100041-IAD
pragma: no-cache
x-timer: S1689238935.232646,VS0,VE328
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
cache-control: no-cache
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
deseret.brightspotcdn.com/dims4/default/ed29d42/2147483647/strip/true/crop/3016x2009+2+0/resize/1300x866!/format/webp/quality/90/ 56 KB
57 KB 89ms
72ms Image
image/webp 52.85.61.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deseret.brightspotcdn.com/dims4/default/ed29d42/2147483647/strip/true/crop/3016x2009+2+0/resize/1300x866!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FkNpETxTftVqUA8Occps2dW8raaQ%3D%2F0x0%3A3020x2009%2F3020x2009%2Ffilters%3Afocal%281510x1005%3A1511x1006%29%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F24676280%2FAP23046626221174.jpg
Requested by: Host: hromok-ca.shop
URL: https://hromok-ca.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-21.ewr53.r.cloudfront.net
Software: istio-envoy /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 18:15:29 GMT
x-envoy-decorator-operation: brightspot-dims-verify.deseret.svc.cluster.local:80/*
via: 1.1 95edb2a6efdb5ee4d3c7f7aa298bb2f2.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: EWR53-P1
age: 744406
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-envoy-upstream-service-time: 260
content-length: 57734
x-amz-cf-id: 5WKUGjJ3hHssB45F3WstmetKtyqcF3REVFruHiAG-jj4Dk28rsn7pA==
expires: Wed, 03 Jul 2024 18:15:29 GMT

GET
H2 200 /
deseret.brightspotcdn.com/dims4/default/0a319f5/2147483647/strip/true/crop/4275x2825+0+13/resize/840x555!/format/webp/quality/90/ 108 KB
108 KB 46ms
29ms Image
image/webp 52.85.61.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deseret.brightspotcdn.com/dims4/default/0a319f5/2147483647/strip/true/crop/4275x2825+0+13/resize/840x555!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FVV0nswRa_cCMnNCHofrI1UDazN8%3D%2F0x0%3A4275x2850%2F4275x2850%2Ffilters%3Afocal%282138x1425%3A2139x1426%29%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F24778607%2FAP23190135507145.jpg
Requested by: Host: hromok-ca.shop
URL: https://hromok-ca.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-21.ewr53.r.cloudfront.net
Software: istio-envoy /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:40:06 GMT
x-envoy-decorator-operation: brightspot-dims-verify.deseret.svc.cluster.local:80/*
via: 1.1 95edb2a6efdb5ee4d3c7f7aa298bb2f2.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: EWR53-P1
age: 220929
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-envoy-upstream-service-time: 401
content-length: 110082
x-amz-cf-id: 6w8ISnhG1HS0OVqpKTvDalL2MsykQnTnULFG1eQNTU8x-sFhCd9gEg==
expires: Tue, 09 Jul 2024 19:40:06 GMT

GET
H2 200 quant.js
secure.quantserve.com/ 22 KB
9 KB 181ms
61ms Script
application/javascript 2620:116:800b:21:c1e8:5385:5098:6bf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9QHGH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:15 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 20 Jul 2023 09:02:15 GMT

GET
H2 200 fbevents.js
connect.facebook.net/en_US/ 171 KB
46 KB 41ms
31ms Script
application/x-javascript 2a03:2880:f00e:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: hromok-ca.shop
URL: https://hromok-ca.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 13 Jul 2023 09:02:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46863
x-xss-protection: 0
pragma: public
x-fb-debug: iqCFWQBZ2il8N043z/XtQcfj1c5J8e7vijMKn166kjgR4Llh3cWA8VojwsPvkHSGcEAzWz2l5yKBhanHmkCuWA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=16033947&ns__t=1689238935080&ns_c=UTF-8&c8=Bill%20Gates%3A%20AI%20will%20kill%20off%20Amazon%2C%20Google%20and%20power%20humanoid%20workers%20-%20Deseret%...
https://sb.scorecardresearch.com/b2?c1=2&c2=16033947&ns__t=1689238935080&ns_c=UTF-8&c8=Bill%20Gates%3A%20AI%20will%20kill%20off%20Amazon%2C%20Google%20and%20power%20humanoid%20workers%20-%20Deseret...

0
224 B

32ms
32ms

Image
text/plain

108.139.47.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=16033947&ns__t=1689238935080&ns_c=UTF-8&c8=Bill%20Gates%3A%20AI%20will%20kill%20off%20Amazon%2C%20Google%20and%20power%20humanoid%20workers%20-%20Deseret%20News&c7=https%3A%2F%2Fhromok-ca.shop%2F&c9=
Requested by: Host: hromok-ca.shop
URL: https://hromok-ca.shop/
Protocol: H2
Server: 108.139.47.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-50.jfk50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:15 GMT
via: 1.1 008cd6752eb718142dfefe2f7e847982.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P1
x-amz-cf-id: ILmvIamiaT7ngWhPa9WruXp8bXt5pAup7vFfszdT2pxkAcDQiJNUIw==
x-cache: Miss from cloudfront

Redirect headers

date: Thu, 13 Jul 2023 09:02:15 GMT
via: 1.1 008cd6752eb718142dfefe2f7e847982.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P1
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=16033947&ns__t=1689238935080&ns_c=UTF-8&c8=Bill%20Gates%3A%20AI%20will%20kill%20off%20Amazon%2C%20Google%20and%20power%20humanoid%20workers%20-%20Deseret%20News&c7=https%3A%2F%2Fhromok-ca.shop%2F&c9=
content-length: 0
x-amz-cf-id: OTPslwfNsaPjEMjG87fWeHMjLSXgqZ58SskBGpGAPG6J2nek5syoYg==

GET
H3 200 bootstrap
deseretnews.coral.coralproject.net/embed/ 869 B
890 B 225ms
111ms XHR
application/json 35.244.156.29
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://deseretnews.coral.coralproject.net/embed/bootstrap

Requested by

Host: deseretnews.coral.coralproject.net
URL: https://deseretnews.coral.coralproject.net/assets/js/embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.156.29 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

29.156.244.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-trace-id: f6515550-215b-11ee-8f99-fd4a12465658
strict-transport-security: max-age=15552000
date: Thu, 13 Jul 2023 09:02:15 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
etag: W/"365-Fp09a5pqyadIw30JcxQ/0euMB2I"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-language: en-US
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 869
x-xss-protection: 1; mode=block

GET
H2 200 en.json
cookie-cdn.cookiepro.com/consent/f7029bfa-4907-411f-b3ea-2327c44ae364/957aeae2-9a26-406d-af6a-ba59972a048f/ 97 KB
17 KB 149ms
149ms Fetch
application/x-javascript 2606:4700::6812:1053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/f7029bfa-4907-411f-b3ea-2327c44ae364/957aeae2-9a26-406d-af6a-ba59972a048f/en.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1053 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jul 2023 09:02:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: cp6uBvXr2kOGpuhJcCe/LQ==
x-ms-lease-status: unlocked
last-modified: Mon, 26 Jun 2023 19:15:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3ee60881-d01e-00b8-242b-b5638b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7e6058923e23713e-YUL

GET
H/1.1 200
OK dwce_cheq_events
log.outbrainimg.com/loggerServices/ 4 B
371 B 389ms
78ms XHR
application/json 38.133.127.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1689238935432&sessionId=59ce1a3d-ee25-efdf-aa2e-b483282dbcbf&url=hromok-ca.shop&cheqSource=1&cheqEvent=3&responseTime=1059
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 38.133.127.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 13 Jul 2023 09:02:15 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: adaf37330c1fe1ca35b3ac06253eb73c
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
460 B 142ms
54ms Image
image/png 3.5.9.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=ed72d3fb7396
Requested by: Host: hromok-ca.shop
URL: https://hromok-ca.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.9.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 09:02:16 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: YPRB9063G8VSJT54
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: 15RR29W5J6hcZ/CmQXljiwFF9gHU6uzWdvnamluW0BptG+SSJO3+/nhjD0C0n1tbLdGktxW24WysiEwLInQu3Q==

GET
H2 200 rules-p-e6fjgk4FzErQ3.js
rules.quantcount.com/ 160 B
634 B 429ms
31ms Script
application/javascript 2600:9000:21dd:3a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-e6fjgk4FzErQ3.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:3a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 08:18:14 GMT
via: 1.1 58138fe3ecbee18734b57632af81590a.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 2643
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:26:39 GMT
server: AmazonS3
etag: "338d64467334d314d195404751286c4f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: eADM_T5pwXJKKpXA9lXFqc46TrI_rbf91Kh5m2i8skHJZBRxtEvEKA==

GET
H3 200 1860428570942209
connect.facebook.net/signals/config/ 379 KB
108 KB 32ms
21ms Script
application/x-javascript 2a03:2880:f00e:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1860428570942209?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 13 Jul 2023 09:02:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110530
x-xss-protection: 0
pragma: public
x-fb-debug: oeaWb1ByqvRG/tzLVVU6vaRNdKdAgeYBmUhwU1Pgl/q7GMJy0yqc/rRj7fXj3ySCbdgrVLQuQbAo+nWAHsRYVQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 otFlat.json
cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/assets/ 13 KB
3 KB 197ms
143ms Fetch
application/json 2606:4700::6812:1053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/assets/otFlat.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1053 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jul 2023 09:02:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: 5mNZducabMgxSDzBo+ZI8w==
x-ms-lease-status: unlocked
last-modified: Fri, 09 Jun 2023 01:34:23 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 575967e9-001e-0012-03d6-b4439d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7e60589adcd4713e-YUL
expires: Fri, 14 Jul 2023 09:02:16 GMT

GET
H2 200 otPcCenter.json
cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/assets/v2/ 61 KB
13 KB 193ms
139ms Fetch
application/json 2606:4700::6812:1053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/assets/v2/otPcCenter.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1053 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jul 2023 09:02:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: sXFDxCJwbPEMIT/8f5Prwg==
x-ms-lease-status: unlocked
last-modified: Fri, 09 Jun 2023 01:34:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: f3ca1bc3-501e-0020-52d6-b443ea000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7e60589adcd5713e-YUL
expires: Fri, 14 Jul 2023 09:02:16 GMT

GET
H2 200 otCommonStyles.css
cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/assets/ 21 KB
4 KB 198ms
150ms Fetch
text/css 2606:4700::6812:1053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/assets/otCommonStyles.css

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1053 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jul 2023 09:02:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
x-ms-lease-status: unlocked
last-modified: Fri, 09 Jun 2023 01:34:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 0eb780fc-d01e-005c-5dd6-b46d15000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7e60589adcd6713e-YUL
expires: Fri, 14 Jul 2023 09:02:16 GMT

GET
H2 200 test.html
widgets.outbrain.com/nanoWidget/externals/obUserFrame/ Frame 1D98 2 KB
1 KB 79ms
25ms Document
text/html 96.16.196.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=ed43fc21-ac6d-4f2d-b74d-e07d8a08382b
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.196.219 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-196-219.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 686
content-type: text/html
date: Thu, 13 Jul 2023 09:02:16 GMT
etag: "1e015194a0e596827cb8971f884eb43c:1688905399.646603"
expires: Thu, 20 Jul 2023 09:02:16 GMT
last-modified: Sun, 09 Jul 2023 10:15:34 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 0A85 416 B
744 B 71ms
22ms Document
text/html 96.16.196.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.196.219 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-196-219.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-length: 416
content-type: text/html
date: Thu, 13 Jul 2023 09:02:16 GMT
etag: "c0311cf15c21ddda054005e92fad3f9e:1688905396.839523"
expires: Thu, 20 Jul 2023 09:02:16 GMT
last-modified: Sun, 09 Jul 2023 10:15:34 GMT
server: AkamaiNetStorage
timing-allow-origin: * *

GET
H/1.1 200
OK l
mcdp-sadc1.outbrain.com/ 2 B
381 B 641ms
138ms Fetch
text/plain 38.133.127.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-sadc1.outbrain.com/l?token=62d496bb0d506a46251879bfd1e74b20_-1_1689238935523&tm=2391&eT=0&widgetWidth=770&widgetHeight=0&widgetX=250&widgetY=3584&wRV=2010370&pVis=0&lsd=ed43fc21-ac6d-4f2d-b74d-e07d8a08382b&eIdx=&ccpa=1---&cheq=0&rtt=1700&oo=false&lo=2916&obreq=2802&mvreq=5114&mvres=6813&cet=4g&to=1689238929913.8&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 38.133.127.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 09:02:17 GMT
content-encoding: gzip
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: 685fddef288e653fc7d9dfc4d3334b67
Content-Length: 28

GET
H2 200 obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame E101 19 KB
6 KB 53ms
51ms Document
text/html 96.16.196.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.196.219 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-196-219.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 6040
content-type: text/html
date: Thu, 13 Jul 2023 09:02:16 GMT
etag: "37202485ed061a936935162db30e773e:1683701449.34879"
expires: Thu, 20 Jul 2023 09:02:16 GMT
last-modified: Wed, 10 May 2023 06:16:26 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 integrator.js
adservice.google.com/adsid/ 107 B
456 B 380ms
41ms Script
application/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hromok-ca.shop

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 197ms
89ms XHR
text/plain 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3717949851284087&correlator=2169676629917742&eid=31076034%2C44777901%2C31068367&output=ldjh&gdfp_req=1&vrg=202307100101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=22653237939%2Cdeseret%2Cwww.deseret.com&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=784395597&sfv=1-0-40&ists=1&prev_scp=position%3Dwunderkind&eri=1&cust_params=htlbidid%3D20646%26is_testing%3Dno%26is_home%3Dyes%26category%3DUtah%26post_id%3D00000188-4a56-d496-a78a-4af6b19d0000%26entry_group%3Dbusiness%252Clatest%252Cnews-feed%252Cscience-tech%252Cfront-page%252Cnews-division%252Cutah%26entry_id%3DEntry%253A6a8e3c04-a9db-4ec4-9143-e857a18c3c79%26entry_type%3Darticle%26page_type%3Dinterior_page%26hub_pages%3DBusiness%26author%3DArt%2520Raymond%26keywords%3Dbill%2520gates%2520ai%2520will%2520kill%2520off%2520amazon%2520google%2520and%2520drive%2520future%2520humanoid%2520workers&sc=1&cookie_enabled=1&abxe=1&dt=1689238937493&lmt=1689238937&dlt=1689238931044&idt=5893&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fhromok-ca.shop%2F&frm=20&vis=1&psz=1600x4308&msz=1600x-1&fws=4&ohw=1600&ga_vid=599242674.1689238938&ga_sid=1689238938&ga_hid=1788734732&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js?cb=31076034

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4186
x-xss-protection: 0
google-lineitem-id: 6206897676
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138420574149
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hromok-ca.shop
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ 572 B
315 B 199ms
92ms XHR
text/plain 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3717949851284087&correlator=1362994838543722&eid=31076034%2C44777901%2C31068367&output=ldjh&gdfp_req=1&vrg=202307100101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=22653237939%2Cdeseret%2Cwww.deseret.com%2Cutah%2Cbusiness&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ifi=2&adks=3124879539&sfv=1-0-40&prev_scp=position%3Darticle_video_recirculation&eri=1&cust_params=htlbidid%3D20646%26is_testing%3Dno%26is_home%3Dyes%26category%3DUtah%26post_id%3D00000188-4a56-d496-a78a-4af6b19d0000%26entry_group%3Dbusiness%252Clatest%252Cnews-feed%252Cscience-tech%252Cfront-page%252Cnews-division%252Cutah%26entry_id%3DEntry%253A6a8e3c04-a9db-4ec4-9143-e857a18c3c79%26entry_type%3Darticle%26page_type%3Dinterior_page%26hub_pages%3DBusiness%26author%3DArt%2520Raymond%26keywords%3Dbill%2520gates%2520ai%2520will%2520kill%2520off%2520amazon%2520google%2520and%2520drive%2520future%2520humanoid%2520workers&sc=1&cookie_enabled=1&abxe=1&dt=1689238937610&lmt=1689238937&dlt=1689238931044&idt=5893&adxs=0&adys=3634&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fhromok-ca.shop%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=599242674.1689238938&ga_sid=1689238938&ga_hid=1788734732&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js?cb=31076034

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 285
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hromok-ca.shop
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
aed277b1e66a59d4f11f8a33e7f06e64.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 01D5 6 KB
3 KB 230ms
45ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aed277b1e66a59d4f11f8a33e7f06e64.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js?cb=31076034

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 09:02:17 GMT
expires: Fri, 12 Jul 2024 09:02:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content prebid
api.bttrack.com/ 0
436 B 259ms
27ms XHR
text/plain 192.132.33.41
BIDTELLECT

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bttrack.com/prebid?x-security-token=13fb4b59-c626-4abf-a7af-d6901ec65309
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/deseret.com/htlbid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.132.33.41 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 41.bidtellect.com
Software: /
Resource Hash

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://hromok-ca.shop
Pragma: no-cache
Date: Thu, 13 Jul 2023 09:02:13 GMT
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-ServerName: native020-iad
Expires: -1

POST
H2 200 prebid
ib.adnxs.com/ut/v3/ 19 B
582 B 265ms
19ms XHR
application/json 68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: htlbid.com
URL: https://htlbid.com/v3/deseret.com/htlbid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:02:18 GMT
an-x-request-uuid: f8cd4689-dfca-48d2-bd80-5ca5af73170b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hromok-ca.shop
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 149.56.153.189; 149.56.153.189; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebidjs
rtb.openx.net/openrtbb/ 53 B
257 B 171ms
28ms XHR
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/deseret.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 13 Jul 2023 09:02:18 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://hromok-ca.shop
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

GET
H2 200 config
c.amazon-adsystem.com/cdn/prod/ 469 B
818 B 58ms
52ms XHR
application/json 143.204.151.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fhromok-ca.shop&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-151-99.ewr52.r.cloudfront.net
Software: Server /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:17 GMT
via: 1.1 57a894c75d329d29ecabaa7a88eb80a4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: EWR52-C2
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://hromok-ca.shop
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 469
x-amz-cf-id: k4y4acQdUx_Cw_iij6k2_4SYuHJJA6G1vvyUFDqwn5t2cHXFnol5Zw==

GET
H2 200 bid
aax.amazon-adsystem.com/e/dtb/ 23 B
461 B 185ms
42ms XHR
text/javascript 108.138.126.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fhromok-ca.shop%2F&pid=qNePlEfY3Vtc7&cb=0&ws=1600x1200&v=23.612.1758&t=2000&slots=%5B%7B%22sd%22%3A%22htlad-2-gpt%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F22653237939%2Fdeseret%2Fwww.deseret.com%2Futah%2Fbusiness%22%7D%2C%7B%22sd%22%3A%22htlad-4-gpt%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F22653237939%2Fdeseret%2Fwww.deseret.com%2Futah%2Fbusiness%22%7D%5D&schain=1.0%2C1!hashtag-labs.com%2C1000000598%2C1%2C%2C%2C&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.126.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-126-121.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:18 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 ee6e7a840d56ceb3b04e8ddd420dab06.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P4
x-amz-rid: M46F25PA2Y8F5TWE1382
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://hromok-ca.shop
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: qoB3GqwlbORtvk38sz-41VAeecP5skqDckN2NYWkMWCwatZOZfWv-Q==

GET
H2 200 b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame F374 79 KB
30 KB 23ms
22ms Script
application/javascript 54.230.163.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-106.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:22:15 GMT
content-encoding: gzip
via: 1.1 29cdae592cbcdf154c4515153175497e.cloudfront.net (CloudFront)
x-amz-version-id: zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop: EWR53-C3
age: 3256804
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29795
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:21:55 GMT
server: AmazonS3
etag: "8e8814a257127c5444a137691d0355fe"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: uz90XwitoZBnwmg2FckcvadzX-1SK1vmeLBE3ob_VeiXbuhSGqPG1w==

GET
H2 200 iframebuster.js
assets.bounceexchange.com/assets/bounce/ Frame F374 2 KB
1 KB 99ms
12ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/iframebuster.js?bx_tracker=https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjstxXPdT8a2EruV3-Ws41Y-PX9WBE2BMdjbiWtBvRnyAVERKszxzhqQvLVdBruOLM1oc1tEIqc5CcJogaAywIE8Tf9pZcFyYu2PQgYACR0lSX6cKiI2A6MWnasvrpGsLjgzm-7OxDX5hqkL18LScrOtZaj_uYM9ef7bo0fG1qixn9TCsql8O9FgJA72krSmBo_Sy7igB5IsAzJafG52qRhcsY3w63IKs3yeG4HZQeBdu70pNYovwTGFFt4kLI_9N7u4M2F2yf-ylF23xZzbFgz3rv0PZ5Bp0TbZMDHFb0B93zYjtA64_HaCzzSemAYgMm5j_k7skQWmYr1zd9tCUKNKvoA%26sai%3DAMfl-YS8kZpJSlV8khpOVDlK0WCrgPLpLo_gLsq89ejCky1wcaKekX00PGZOO9adqbtHevmWLM-uS5Uiwozl1mXzCXo60RAwGIl7HTuO07haRwyZ5m5PC12HNuHSnnJp2CKjHY9GMnzEe_ipGYTIlqxR%26sig%3DCg0ArKJSzH9XZ-R-6xunEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3D
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 03:55:52 GMT
content-encoding: gzip
age: 18386
x-guploader-uploadid: ADPycdtfzva87O-zbWiJHNgGb34pa_akp3P4GtYCw-1qXYU95SY_C9kBMWP4zhUxciDchixwTdWs-HRXNtkIB_-AlkhfEw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 970
last-modified: Mon, 10 Jul 2023 18:13:42 GMT
server: UploadServer
etag: "1c80b9a8352f8f12ba828968547ba404"
vary: Accept-Encoding
x-goog-generation: 1689012822180644
x-goog-hash: crc32c=2ZhSRw==, md5=HIC5qDUvjxK6goloVHukBA==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 970
accept-ranges: bytes
content-type: text/javascript; charset=UTF-8

GET
H2 200 test.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 0A85 610 B
704 B 57ms
55ms Document
text/html 96.16.196.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.196.219 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-196-219.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 355
content-type: text/html
date: Thu, 13 Jul 2023 09:02:19 GMT
etag: "48053d50141031b1511dbd30f9a31288:1688905397.398884"
expires: Thu, 20 Jul 2023 09:02:19 GMT
last-modified: Sun, 09 Jul 2023 10:15:34 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET

rcs
tags.rd.linksynergy.com/ Frame E101
Redirect Chain

https://idsync.rlcdn.com/420046.gif?partner_uid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm
https://idsync.rlcdn.com/1000.gif?memo=CM7RGRJMCkgIARC-ngEaQHNOU1UtbFdPV0lOZDZqS1FFdVJvMkZzSUpkM0dNNDhOU0NKeHd6eU55R3h0WGxtaDBicU0yUDIzQlA4VXdhTm0QABoNCJv7vqUGEgUI6AcQAEIASgA
https://pippio.com/api/sync?pid=5324&it=1&iv=5b2de925b4477f12b40845cbad711f2f28a987ad35759b3fbf94eed76703975f791426b5417dce21&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA1YjJkZTkyNWI0NDc3ZjEyYjQwODQ1Y2JhZDcxMWYyZjI4YTk4N2FkMzU3NTliM2ZiZjk0ZWVkNzY3MDM5NzVmNzkxNDI2YjU...
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA1YjJkZTkyNWI0NDc3ZjEyYjQwODQ1Y2JhZDcxMWYyZjI4YTk4N2FkMzU3NTliM2ZiZjk0ZWVkNzY3MDM5NzVmNzkxNDI2YjU0MTdkY2UyMRAAGgwInvu-pQYSBAgCEABCAEoA&goog...
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=

0
0

GET
H/1.0 503
Service Unavailable /
b1sync.zemanta.com/usersync/outbrain/ Frame E101 0
0 425ms
23ms Image
text/html 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1sync.zemanta.com/usersync/outbrain/?puid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame E101
Redirect Chain

https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&ini...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dappnexus%26uid%3D%24UID%26obUid%3DsNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm%26gdpr...
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=804995347436160039&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob

0
145 B

467ms
98ms

Image
text/plain

38.133.127.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=appnexus&uid=804995347436160039&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 38.133.127.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 09:02:22 GMT
Cache-Control: no-cache
X-TraceId: 6a231d69a6f219b54e2dbf7a2fa7dfb8
Content-Length: 0

Redirect headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:02:19 GMT
an-x-request-uuid: 7d76f48b-e03b-40ad-8531-f2aa57b71533
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.outbrain.com/cookie-sync?p=appnexus&uid=804995347436160039&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
x-proxy-origin: 149.56.153.189; 149.56.153.189; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame E101
Redirect Chain

https://dpm.demdex.net/ibs:dpid=133726&dpuuid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_pd=1&gdpr_consent=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_pd=1&gdpr_consent=

42 B
940 B

233ms
231ms

Image
image/gif

54.161.2.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_pd=1&gdpr_consent=

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html

Protocol

HTTP/1.1

Server

54.161.2.222 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-2-222.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v049-05e394a99.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 8E25+zjpTzM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-va6-1-v049-09c76b5e0.edge-va6.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: TmbjOBEfTMs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_pd=1&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK set
sync-jp.im-apps.net/imid/ Frame E101 43 B
740 B 640ms
238ms Image
image/gif 23.47.145.225
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-jp.im-apps.net/imid/set?cid=1000047&tid=obid&uid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.145.225 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-47-145-225.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 09:02:19 GMT
Cache-Control: private, max-age=3000
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame E101
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1---
https://match.adsrvr.org/track/cmb/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1---
https://sync.outbrain.com/cookie-sync?p=ttd&uid=b1fee8f7-8bb4-4941-8b35-9b2d18eb1126&gdpr=0&gdpr_consent=

0
145 B

430ms
152ms

Image
text/plain

38.133.127.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=ttd&uid=b1fee8f7-8bb4-4941-8b35-9b2d18eb1126&gdpr=0&gdpr_consent=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 38.133.127.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 09:02:22 GMT
Cache-Control: no-cache
X-TraceId: f126b959995775ab575a8daeeeda3841
Content-Length: 0

Redirect headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:02:20 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.outbrain.com/cookie-sync?p=ttd&uid=b1fee8f7-8bb4-4941-8b35-9b2d18eb1126&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 241

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame E101 0
338 B 391ms
37ms Image
text/plain 23.20.128.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=outbrain&partner_uid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.128.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-128-203.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: beacon-n018-ash-prod.krxd.net
date: Thu, 13 Jul 2023 09:02:19 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1689238939
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame E101 43 B
652 B 409ms
12ms Image
image/gif 13.225.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212295978&puid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.214.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-117.ewr50.r.cloudfront.net
Software: AAWebServer /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:02:19 GMT
via: 1.1 11ab138d0b995a9fa4daabbae7fc0b0c.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: pBsBYox-GYWpudsKgaEuPaEoYcKd1uB3tilPTnVcryl_be9X4s_iNg==
expires: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame E101
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=81de382d-e849-4587-bacc-0e01af01b005&gdpr=0&gdpr_consent=&us_privacy=1---

0
145 B

417ms
139ms

Image
text/plain

38.133.127.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=81de382d-e849-4587-bacc-0e01af01b005&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 38.133.127.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 09:02:22 GMT
Cache-Control: no-cache
X-TraceId: 3276162ad92b871e4c8aea746e88e775
Content-Length: 0

Redirect headers

location: //sync.outbrain.com/cookie-sync?p=mediaforce&uid=81de382d-e849-4587-bacc-0e01af01b005&gdpr=0&gdpr_consent=&us_privacy=1---
date: Thu, 13 Jul 2023 09:02:20 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame E101
Redirect Chain

https://x.bidswitch.net/sync?ssp=outbrain&user_id=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=outbrain&user_id=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent=
https://t.pswec.com/bsw_sync?ssp=outbrain&bsw_user_id=4c8ce368-e220-41e2-a7fd-9fa1004727a7
https://t.pswec.com/ul_cb/bsw_sync?ssp=outbrain&bsw_user_id=4c8ce368-e220-41e2-a7fd-9fa1004727a7
https://x.bidswitch.net/sync?dsp_id=2&user_id=5d1bc30d-e94e-4ae9-85ce-04962bd0f4ff&expires=3&user_group=1&ssp=outbrain
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=4c8ce368-e220-41e2-a7fd-9fa1004727a7&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

0
145 B

120ms
82ms

Image
text/plain

38.133.127.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=4c8ce368-e220-41e2-a7fd-9fa1004727a7&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 38.133.127.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 09:02:25 GMT
Cache-Control: no-cache
X-TraceId: 03d84e489d5eb9fee9efd449aa4dd23a
Content-Length: 0

Redirect headers

Location: //sync.outbrain.com/cookie-sync?p=bidswitch&uid=4c8ce368-e220-41e2-a7fd-9fa1004727a7&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date: Thu, 13 Jul 2023 09:02:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame E101 43 B
363 B 425ms
32ms Image
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26obUid%3DsNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob%26uid%3D%40%40CRITEO_USERID%40%40

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:02:19 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 292518
expires: Thu, 13 Jul 2023 00:00:00 GMT

GET

RX-c5e9cc2d-318c-462e-95bb-11ea6a34f783-005
sync.targeting.unrulymedia.com/csync/ Frame E101
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECKGhvUYlQUlB9vIbcTj1As&google_cver=1
https://sync.1rx.io/usersync/bidswitch/4c8ce368-e220-41e2-a7fd-9fa1004727a7?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/4c8ce368-e220-41e2-a7fd-9fa1004727a7?zcc=1&cb=1689238943891
https://sync.targeting.unrulymedia.com/csync/RX-c5e9cc2d-318c-462e-95bb-11ea6a34f783-005

0
0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame E101
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=25&gdpr=0&gdpr_consent=&us_privacy=1---
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7255225998158592152&gdpr=0&gdpr_consent=

0
145 B

467ms
98ms

Image
text/plain

38.133.127.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7255225998158592152&gdpr=0&gdpr_consent=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 38.133.127.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 09:02:22 GMT
Cache-Control: no-cache
X-TraceId: ab9f599cd36d305cbbb54f02d6562c89
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7255225998158592152&gdpr=0&gdpr_consent=
Date: Thu, 13 Jul 2023 09:02:19 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame E101
Redirect Chain

https://ps.eyeota.net/match?bid=1mpn7m0&uid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm
https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm

70 B
440 B

44ms
31ms

Image
image/gif

3.230.62.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-62-22.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 13 Jul 2023 09:02:21 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?bid=1mpn7m0&uid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm
Date: Thu, 13 Jul 2023 09:02:19 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm
id.geistm.com/m/OB/ Frame E101 0
0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame E101
Redirect Chain

https://creativecdn.com/cm-notify?pi=outbrain&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
https://creativecdn.com/cm-notify?pi=outbrain&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&tc=1
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=K9crs6dR00wX0yy79Ufe&pi=outbrain&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&ini...

0
145 B

163ms
134ms

Image
text/plain

38.133.127.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=K9crs6dR00wX0yy79Ufe&pi=outbrain&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&tc=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 38.133.127.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 09:02:23 GMT
Cache-Control: no-cache
X-TraceId: 878ae47d948f5449bc723bc5e2fd70a7
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=K9crs6dR00wX0yy79Ufe&pi=outbrain&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&tc=1
pragma: no-cache
date: Thu, 13 Jul 2023 09:02:22 GMT, Thu, 13 Jul 2023 09:02:22 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame E101
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268&gdpr=0&gdpr_consent=&us_privacy=1---
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LK0X900I-17-JR1&obUid=&initiator=&gdpr=0&us_privacy=1---

0
145 B

478ms
106ms

Image
text/plain

38.133.127.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LK0X900I-17-JR1&obUid=&initiator=&gdpr=0&us_privacy=1---
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 38.133.127.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 09:02:22 GMT
Cache-Control: no-cache
X-TraceId: 83ac7a9a35dad062603668e33ac14d5b
Content-Length: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LK0X900I-17-JR1&obUid=&initiator=&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f31d5fb12ac7ec11f837ad8263e0f6c
Expires: 0

GET
H2 403 tpid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm
sync.crwdcntrl.net/map/c=14516/tp=OBRN/ Frame E101 49 B
270 B 216ms
24ms Image
image/gif 52.44.20.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.20.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-20-252.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:02:21 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.45.250
content-length: 49
expires: 0

GET
H3

200

396846.gif
idsync.rlcdn.com/ Frame E101
Redirect Chain

https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm
https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&xl8blockcheck=1
https://idsync.rlcdn.com/397416.gif?partner_uid=3d9b5230dfd511ed069233e68413a79e
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=1cddb16f-08ec-491a-b734-623f5f1ccea4

42 B
60 B

43ms
42ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=1cddb16f-08ec-491a-b734-623f5f1ccea4
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:26 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Thu, 13 Jul 2023 09:02:25 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=1cddb16f-08ec-491a-b734-623f5f1ccea4
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame E101
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DsNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxt...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DsNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2...
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=ZK-9np85KbjHq-B3XtD-wwAADf0AAAAB&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&ini...

0
145 B

150ms
132ms

Image
text/plain

38.133.127.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=ZK-9np85KbjHq-B3XtD-wwAADf0AAAAB&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 38.133.127.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 09:02:24 GMT
Cache-Control: no-cache
X-TraceId: 2db8532321d5e3321edbcc876c801c94
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Thu, 13 Jul 2023 09:02:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=ZK-9np85KbjHq-B3XtD-wwAADf0AAAAB&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET

Pug
image2.pubmatic.com/AdServer/ Frame E101
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjMzRDdCN0UtQTBCNy00MkVELTlBNTYtQjVGMzM5MjA0MENF&gdpr=-1&gdpr_consent=PM_CONSENT
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=PM_CONSENT

0
0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame E101
Redirect Chain

https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob%26...
https://u.openx.net/w/1.0/cm?cc=1&id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3D...
https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&uid=f90ae70e-ba45-4286-8b22-b0...

0
145 B

164ms
124ms

Image
text/plain

38.133.127.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&uid=f90ae70e-ba45-4286-8b22-b061de3c6857
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 38.133.127.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 09:02:24 GMT
Cache-Control: no-cache
X-TraceId: 08700b009b116386fa382a84ebf4b217
Content-Length: 0

Redirect headers

date: Thu, 13 Jul 2023 09:02:23 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&uid=f90ae70e-ba45-4286-8b22-b061de3c6857
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame E101
Redirect Chain

https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&us_privacy=1---&redir=true
https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&us_privacy=1---&redir=true&verify=true
https://sync.outbrain.com/cookie-sync?p=oath&uid=y-eXgK_KpE2uHHlSajHHtvYn5gAFPrvsk1DUgY04U-~A&gdpr=0

0
145 B

154ms
121ms

Image
text/plain

38.133.127.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=oath&uid=y-eXgK_KpE2uHHlSajHHtvYn5gAFPrvsk1DUgY04U-~A&gdpr=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 38.133.127.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 09:02:24 GMT
Cache-Control: no-cache
X-TraceId: 15d3566e23f865701f7e73ec60f0d736
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=oath&uid=y-eXgK_KpE2uHHlSajHHtvYn5gAFPrvsk1DUgY04U-~A&gdpr=0
date: Thu, 13 Jul 2023 09:02:23 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame E101
Redirect Chain

https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DsNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxw...
https://ice.360yield.com/ul_cb/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DsNSU-lWOWINd6jKQEuRo2FsIJd3GM48...
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=cf6f6abe-6069-4b4e-8dd2-51a4243a28d3&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_priva...

0
145 B

149ms
130ms

Image
text/plain

38.133.127.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=cf6f6abe-6069-4b4e-8dd2-51a4243a28d3&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 38.133.127.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 09:02:24 GMT
Cache-Control: no-cache
X-TraceId: b28a77cc800e6432ca88957470a70c0d
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=cf6f6abe-6069-4b4e-8dd2-51a4243a28d3&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
access-control-allow-origin: *
date: Thu, 13 Jul 2023 09:02:23 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame E101
Redirect Chain

https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DsNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm%26gd...
https://sync.outbrain.com/cookie-sync?p=smaato&uid=f77b551&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob

0
145 B

123ms
87ms

Image
text/plain

38.133.127.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=smaato&uid=f77b551&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 38.133.127.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 09:02:25 GMT
Cache-Control: no-cache
X-TraceId: a1027867560e1eab31a92e4face34be2
Content-Length: 0

Redirect headers

date: Thu, 13 Jul 2023 09:02:24 GMT
via: 1.1 c22d4946ef5faea12b8d3942ceb9259a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.outbrain.com/cookie-sync?p=smaato&uid=f77b551&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: fm324iuynXCg9oTuO5_JXp2xlmu1ArAnLb-0ZFKlDV3oNlxhMYqDxQ==

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame E101
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DsNSU-lWOWINd6j...
https://sync.outbrain.com/cookie-sync?p=smart&uid=4085074864649846472&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob

0
145 B

133ms
83ms

Image
text/plain

38.133.127.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=smart&uid=4085074864649846472&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 38.133.127.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 09:02:25 GMT
Cache-Control: no-cache
X-TraceId: 1a5c2b8223627dbaf83d61cf5d0436a9
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=smart&uid=4085074864649846472&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
date: Thu, 13 Jul 2023 09:02:23 GMT
content-length: 0

GET
H2 200 c.gif
c.bing.com/ Frame E101 42 B
669 B 286ms
35ms Image
image/gif 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?red3=MSOB_pd&uid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:02:23 GMT
last-modified: Tue, 06 Jun 2023 17:34:29 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2110EF3AEBF742A2A9C2D598EA4CDDDC Ref B: YMQ01EDGE0513 Ref C: 2023-07-13T09:02:24Z
etag: "4729cb259d98d91:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame E101
Redirect Chain

https://id.rlcdn.com/711945.gif?ct=4&cv=
https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&

0
145 B

128ms
78ms

Image
text/plain

38.133.127.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 38.133.127.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 09:02:25 GMT
Cache-Control: no-cache
X-TraceId: d0150548a3a63f7969bf0ad0d0e0106c
Content-Length: 0

Redirect headers

date: Thu, 13 Jul 2023 09:02:24 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame E101
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DsNSU-lWOW...
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=127&gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3...
https://sync.outbrain.com/cookie-sync?p=centro&uid=4b1d04ac-7e8d-4533-90c8-472901c9ecbc-64afbda0-4341&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_...

0
145 B

85ms
85ms

Image
text/plain

38.133.127.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=centro&uid=4b1d04ac-7e8d-4533-90c8-472901c9ecbc-64afbda0-4341&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 38.133.127.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 09:02:26 GMT
Cache-Control: no-cache
X-TraceId: 6eaf295991739964373c74e1af7d73e6
Content-Length: 0

Redirect headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:02:24 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://sync.outbrain.com/cookie-sync?p=centro&uid=4b1d04ac-7e8d-4533-90c8-472901c9ecbc-64afbda0-4341&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame E101
Redirect Chain

https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---
https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&us_privacy=1---&initiator=ob&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&uid=280kRI-dfEDAzCZE1M1oGtWacxPAz3QS1MFO...

0
145 B

133ms
85ms

Image
text/plain

38.133.127.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&us_privacy=1---&initiator=ob&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&uid=280kRI-dfEDAzCZE1M1oGtWacxPAz3QS1MFO69eX
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 38.133.127.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 09:02:25 GMT
Cache-Control: no-cache
X-TraceId: 4a15909d37a848bdac4a22514d134048
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&us_privacy=1---&initiator=ob&obUid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&uid=280kRI-dfEDAzCZE1M1oGtWacxPAz3QS1MFO69eX
date: Thu, 13 Jul 2023 09:02:24 GMT
cache-control: private, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0

GET rtset
bh.contextweb.com/bh/ Frame E101 0
0

GET 9.gif
id5-sync.com/s/164/ Frame E101 0
0

GET ob
cm.rtbsystem.com/usermatch/ Frame E101 0
0

GET
H2 200 pixel;r=1729133673;source=gtm;rf=0;a=p-e6fjgk4FzErQ3;url=https%3A%2F%2Fhromok-ca.shop%2F;uht=2;fpan=1;fpa=P0-1368947186-1689238936353;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;us_p...
pixel.quantserve.com/ 35 B
371 B 112ms
47ms Image
image/gif 2620:116:800b:21:c1e8:5385:5098:6bf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1729133673;source=gtm;rf=0;a=p-e6fjgk4FzErQ3;url=https%3A%2F%2Fhromok-ca.shop%2F;uht=2;fpan=1;fpa=P0-1368947186-1689238936353;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;us_privacy=1---;ref=;d=hromok-ca.shop;dst=0;et=1689238939209;tzo=0;ogl=title.Bill%20Gates%3A%20AI%20will%20kill%20off%20Amazon%252C%20Google%20and%20drive%20future%20humanoid%20workers%2Cimage.https%3A%2F%2Fdeseret%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F109369f%2F2147483647%2Fstrip%2Ftrue%2Fcr%2Cimage%3Aurl.https%3A%2F%2Fdeseret%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F109369f%2F2147483647%2Fstrip%2Ftrue%2Fcr%2Cimage%3Awidth.1461%2Cimage%3Aheight.834%2Cimage%3Atype.image%2Fjpeg%2Cimage%3Aalt.Bill%20Gates%20has%20a%20dire%20prediction%20for%20the%20future%20of%20artificial%20intelligence%252E%2Cdescription.The%2067-year-old%20multi-billionaire%20says%20a%20future%20AI-driven%20personal%20assistant%20wil%2Csite_name.Deseret%20News%2Ctype.article;ses=c3008ab1-512d-4b4b-aa66-492fa93300eb;mdl=

Requested by

Host: hromok-ca.shop
URL: https://hromok-ca.shop/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:02:19 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 id5-api.js
cdn.id5-sync.com/api/1.0/ 101 KB
25 KB 229ms
56ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: HWM04979T0C9RPF4
age: 1727
etag: W/"bb626f116ff54963039a9ea05c53620b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7e6058adb910436d-EWR
x-amz-id-2: To1Fv7N/f/OTGnJYdKj0jsfZ+syV4taV7oaak4JK63t6aiPPLRoPphqzkNwan+K4FcQ/QspC5dGwLh79BEyhxw==

GET
H2 200 integrator.js
adservice.google.com/adsid/ 107 B
165 B 183ms
181ms Script
application/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hromok-ca.shop

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ 108 KB
32 KB 554ms
553ms XHR
text/plain 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3717949851284087&correlator=4404150477906705&eid=31076034%2C44777901%2C31068367&output=ldjh&gdfp_req=1&vrg=202307100101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=22653237939%2Cdeseret%2Cwww.deseret.com%2Cutah%2Cbusiness&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x250%2C300x250%7C300x600&ifi=3&adks=2506946582%2C3285426957&sfv=1-0-40&prev_scp=position%3Ddesktop_leaderboard_variable%7Cposition%3Dmedium_rectangle_variable_article%26pos%3Dright&eri=1&cust_params=htlbidid%3D20646%26is_testing%3Dno%26is_home%3Dyes%26category%3DUtah%26post_id%3D00000188-4a56-d496-a78a-4af6b19d0000%26entry_group%3Dbusiness%252Clatest%252Cnews-feed%252Cscience-tech%252Cfront-page%252Cnews-division%252Cutah%26entry_id%3DEntry%253A6a8e3c04-a9db-4ec4-9143-e857a18c3c79%26entry_type%3Darticle%26page_type%3Dinterior_page%26hub_pages%3DBusiness%26author%3DArt%2520Raymond%26keywords%3Dbill%2520gates%2520ai%2520will%2520kill%2520off%2520amazon%2520google%2520and%2520drive%2520future%2520humanoid%2520workers&sc=1&cookie=ID%3Db976ddba521ce8de%3AT%3D1689238937%3ART%3D1689238937%3AS%3DALNI_MY_JvhY_uecaosCGTbCZ73izvzQEQ&gpic=UID%3D00000cb6a79657eb%3AT%3D1689238937%3ART%3D1689238937%3AS%3DALNI_MaF8trhw9twrOstjlq6XtghAjKplA&abxe=1&dt=1689238940888&lmt=1689238940&dlt=1689238931044&idt=5893&adxs=315%2C1050&adys=295%2C778&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fhromok-ca.shop%2F&frm=20&vis=1&psz=970x0%7C300x0&msz=970x0%7C300x0&fws=4%2C4&ohw=1600%2C300&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfDVLgDPxLi1APRaB7FrJ0XM0IVjtRtdqkGZDoTnlR_h9hDpAjejHyupgPX7rjzsknmCtXqx1cROuu9z05Zjf9oxbv1Z&ga_vid=599242674.1689238938&ga_sid=1689238938&ga_hid=1788734732&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js?cb=31076034

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:21 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33039
x-xss-protection: 0
google-lineitem-id: -1,6280618696
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138430162616
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hromok-ca.shop
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 quant.js
secure.quantserve.com/ 22 KB
9 KB 59ms
58ms Script
application/javascript 2620:116:800b:21:c1e8:5385:5098:6bf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:20 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 20 Jul 2023 09:02:20 GMT

GET
H3 200 sdk.js
connect.facebook.net/en_US/ 301 KB
85 KB 83ms
28ms Script
application/x-javascript 2a03:2880:f00e:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=6bb03e46fe07da6027b63f65bffe7058

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
Origin: https://hromok-ca.shop
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jul 2023 09:02:21 GMT
content-md5: CwBdZNmGM0/CSQcGr+r2Uw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87289
x-fb-debug: 1uTgKsqBFMHaj4y80HaPZkTBUIH2yIsu78CgmotDfYU8Yzkuu53rkQPocSq66GjB0wOgmqfCT7ZJCu3J0v5ebQ==
x-fb-content-md5: f60aebb4f7a09ecf1ace522eb084d322
cross-origin-opener-policy: same-origin-allow-popups
etag: "bdcbacf75308ace3ba21a98648d4fa05"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 12 Jul 2024 07:38:00 GMT

GET
H2 200 v2ghq4H8pSqsSE5TvCRMeg19JrcNjnOdwdTO_2xu06qvex-mky4fUPQk
restrainstorm.com/ 63 KB
22 KB 81ms
37ms Script
text/javascript 2600:1901:0:7a38::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://restrainstorm.com/v2ghq4H8pSqsSE5TvCRMeg19JrcNjnOdwdTO_2xu06qvex-mky4fUPQk

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7a38::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Thu, 13 Jul 2023 09:02:21 GMT
x-datacenter: gce-us-east1
etag: "5a8f4cb873e0c9431f58655e60eedefad9fa4d6ec2c5d995041231e60e2ad8f0"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-us-east1-spot-nd3x
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 924731853
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 sdk.js
connect.facebook.net/en_US/ 3 KB
2 KB 72ms
48ms Script
application/x-javascript 2a03:2880:f00e:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jul 2023 09:02:21 GMT
content-md5: kUeNEzvEQh+J5qPmrzHsZQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-debug: yeczFIEgzDRDC+lLpc+u9cRQqUZ/X99icbVpnnFM3hhL8Ij18dRJ/OEVlu6hocmDJ1KnjedD7mpb6MVzJ5jnlw==
x-fb-content-md5: 16a18e949409d7017b074fffb75c54c4
cross-origin-opener-policy: same-origin-allow-popups
etag: "8c76a9c94835e8524ac7d67baf00b5d5"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 13 Jul 2023 09:19:09 GMT

GET
H2 200 gtm.js
www.googletagmanager.com/ 270 KB
90 KB 171ms
78ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W9QHGH

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91837
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 13 Jul 2023 09:02:21 GMT

GET
H2 200 iframe_api
www.youtube.com/ 1006 B
603 B 116ms
75ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 13 Jul 2023 09:02:21 GMT

GET
H2 200 ot_close.svg
cookie-cdn.cookiepro.com/logos/static/ 651 B
623 B 74ms
27ms Image
image/svg+xml 2606:4700::6812:1053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookie-cdn.cookiepro.com/logos/static/ot_close.svg

Requested by

Host: hromok-ca.shop
URL: https://hromok-ca.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1053 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hromok-ca.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jul 2023 09:02:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 75968
x-ms-lease-status: unlocked
last-modified: Fri, 30 Jun 2023 01:43:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: abf066ff-a01e-0079-47ba-abc469000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7e6058b7ae1fca47-YUL
expires: Fri, 14 Jul 2023 09:02:21 GMT

GET
H2 200 l
use.typekit.net/af/bb6c4e/00000000000000003b9b2cf8/27/ 38 KB
38 KB 70ms
24ms Font
application/font-woff2 2600:141b:13::17d7:8252
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/bb6c4e/00000000000000003b9b2cf8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:8252 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://use.typekit.net/qzq4qkv.css
Origin: https://hromok-ca.shop
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:21 GMT
server: nginx
etag: "3bd094436e8172ab61cda9f0fed997dd1ff37d39"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 38868

GET
H2 200 ot_guard_logo.svg
cookie-cdn.cookiepro.com/logos/static/ 497 B
514 B 148ms
144ms Fetch
image/svg+xml 2606:4700::6812:1053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/logos/static/ot_guard_logo.svg

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1053 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jul 2023 09:02:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status: unlocked
last-modified: Fri, 30 Jun 2023 01:43:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: b83228de-801e-0023-49d6-b4a28e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7e6058b7edaf713e-YUL
expires: Fri, 14 Jul 2023 09:02:21 GMT

GET
H2 200 Deseret_News_black__yellow_period.png
cookie-cdn.cookiepro.com/logos/8becd7f7-c923-4cd4-814a-e08c34baf60b/b60ef91b-8cd1-4d5b-bbfe-c75143877adf/2fad57bd-f325-40d3-9703-e5aae1c430bd/ 15 KB
15 KB 52ms
51ms Image
image/png 2606:4700::6812:1053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookie-cdn.cookiepro.com/logos/8becd7f7-c923-4cd4-814a-e08c34baf60b/b60ef91b-8cd1-4d5b-bbfe-c75143877adf/2fad57bd-f325-40d3-9703-e5aae1c430bd/Deseret_News_black__yellow_period.png

Requested by

Host: hromok-ca.shop
URL: https://hromok-ca.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1053 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jul 2023 09:02:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-md5: vhY3W8TIWDCio7fmA/GntA==
age: 30386
cf-polished: origSize=29642
content-length: 15370
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri
last-modified: Mon, 07 Mar 2022 23:11:56 GMT
server: cloudflare
etag: 0x8DA008FE0214A80
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 0d8c5f98-e01e-0025-7d93-929131000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e6058b93f52ca47-YUL
expires: Fri, 14 Jul 2023 09:02:21 GMT

GET
H2 200 poweredBy_cp_logo.svg
cookie-cdn.cookiepro.com/logos/static/ 5 KB
2 KB 50ms
48ms Image
image/svg+xml 2606:4700::6812:1053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookie-cdn.cookiepro.com/logos/static/poweredBy_cp_logo.svg

Requested by

Host: hromok-ca.shop
URL: https://hromok-ca.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1053 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jul 2023 09:02:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: uInNdQwuuw8s7lYl3cE7eQ==
age: 44698
x-ms-lease-status: unlocked
last-modified: Fri, 30 Jun 2023 01:43:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 07b81aa7-c01e-001d-52b9-ab35f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7e6058b93f54ca47-YUL
expires: Fri, 14 Jul 2023 09:02:21 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 325ms
9ms Image
text/plain 2a03:2880:f10e:83:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1860428570942209&ev=PageView&dl=https%3A%2F%2Fhromok-ca.shop%2F&rl=&if=false&ts=1689238941696&sw=1600&sh=1200&v=2.9.111&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1689238941665.1995845118&cs_est=true&it=1689238936434&coo=false&rqm=GET

Requested by

Host: hromok-ca.shop
URL: https://hromok-ca.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10e:83:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 13 Jul 2023 09:02:22 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame DF0D 79 KB
30 KB 23ms
23ms Script
application/javascript 54.230.163.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-106.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:22:15 GMT
content-encoding: gzip
via: 1.1 29cdae592cbcdf154c4515153175497e.cloudfront.net (CloudFront)
x-amz-version-id: zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop: EWR53-C3
age: 3256808
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29795
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:21:55 GMT
server: AmazonS3
etag: "8e8814a257127c5444a137691d0355fe"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: DUP9C0xcDhRR5R1Xq-UtojaM-U7TCoqoOkcPbTa2YEMyirkmgOxUhw==

GET
H2 200 b-e09f10f-6ba2dc51.js
tagan.adlightning.com/deseretdigital/ Frame 34B1 79 KB
30 KB 26ms
26ms Script
application/javascript 54.230.163.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-106.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:22:15 GMT
content-encoding: gzip
via: 1.1 29cdae592cbcdf154c4515153175497e.cloudfront.net (CloudFront)
x-amz-version-id: zNBfEs5zQkTaYTuh1u_jCj9GGsSFfEBy
x-amz-cf-pop: EWR53-C3
age: 3256809
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29795
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:21:55 GMT
server: AmazonS3
etag: "8e8814a257127c5444a137691d0355fe"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: yojNC7R297s0r0Jh5QkOl4YNOgjtLZ5WHK8xgeWZi3QE2rvyf-zmfg==

GET
H2 200 10500080082914964729
tpc.googlesyndication.com/simgad/ Frame 34B1 43 KB
43 KB 77ms
40ms Image
image/gif 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10500080082914964729

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 14:51:37 GMT
x-content-type-options: nosniff
age: 151846
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43609
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 16:42:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 Jul 2024 14:51:37 GMT

GET
H2 200 abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 34B1 23 KB
9 KB 71ms
35ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 20:13:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Jul 2023 20:13:07 GMT

GET
H2 200 window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 34B1 3 KB
1 KB 72ms
38ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 13:54:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Jul 2023 13:54:31 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 34B1 0
0 302ms
62ms Image
text/html 2607:f8b0:4006:81c::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQiaBAh9yBKOMiz0bmLXrwKQXKhKtLGlXq9PbC265WfIWDp8cQa7Y62fKPG6Ztic30p36JFJ6Nb_xCv3MVLJvHvPY0eEw
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2004 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 34B1 179 KB
56 KB 73ms
72ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 09:02:23 GMT

GET
H2 200 i.js
tag.bounceexchange.com/5722/ 5 KB
3 KB 269ms
15ms Script
text/plain 34.120.253.250

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.bounceexchange.com/5722/i.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:01:08 GMT
content-encoding: gzip
via: 1.1 google
age: 75
x-envoy-upstream-service-time: 0
x-region: us-central1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2040
server: istio-envoy
etag: 219392f61ab3ab
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60
timing-allow-origin: *
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect

GET
DATA 200
OK truncated
/ Frame F374 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://hashtaglabs-d.openx.net/w/1.0/pd?us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECH_nmEIP1UU1Fe0gGApNu0&google_cver=1

43 B
61 B

58ms
25ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECH_nmEIP1UU1Fe0gGApNu0&google_cver=1
Requested by: Host: hromok-ca.shop
URL: https://hromok-ca.shop/
Protocol: H3
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:02:25 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jul 2023 09:02:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECH_nmEIP1UU1Fe0gGApNu0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 452bab671c86b604db649026bf10c401752aa624d1d9c1
restrainstorm.com/98d830/ 198 B
225 B 159ms
63ms Fetch
application/json 2600:1901:0:7a38::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://restrainstorm.com/98d830/452bab671c86b604db649026bf10c401752aa624d1d9c1

Requested by

Host: restrainstorm.com
URL: https://restrainstorm.com/v2ghq4H8pSqsSE5TvCRMeg19JrcNjnOdwdTO_2xu06qvex-mky4fUPQk

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:7a38::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Thu, 13 Jul 2023 09:02:24 GMT
via: 1.1 google
x-buildnumber: 924731853
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198
x-datacenter: gce-us-east1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hromok-ca.shop
x-hostname: fen-hoothoot-us-east1-spot-nd3x
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Thu, 13 Jul 2023 09:02:23 GMT

POST
H2 200 /
www.facebook.com/tr/ Frame 9378 0
58 B 117ms
17ms Document
text/plain 2a03:2880:f10e:83:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: hromok-ca.shop
URL: https://hromok-ca.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10e:83:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: null
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 09:02:24 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200 v1
lb.eu-1-id5-sync.com/lb/ 33 B
401 B 468ms
103ms XHR
application/json 162.19.138.116

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hromok-ca.shop
date: Thu, 13 Jul 2023 09:02:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 34B1 0
0 51ms
50ms Fetch
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSptuXqWI_q6dLBTnb18smdV4EvS4E0n5n-xCPO4MsRszPDxjiULJ_oyO7fyn28PoaSbWH1fpL23oH2cW6aszIvRs9TEx2ZJnROqqodRmAhLWEQQ1HwZ65Wys-YsgGbDUmhZG09ULXiX51YAdK5BZalfEYG1kCmQ_JWKXj_ZzpQyiU6COORI7BGcHZoBGII2PuQABejtWEFEugvnKSsvk5jCmbFs5L7PnY6SG6NesKRS4Kp5WG3HV3-0X_Bw1S-a7KPuurEbosqRzdcQk3lBI23nqJCn_17a2VypGd8m36xKL3bnahbN2Jn_9GuwzPpO8W65MwD1zGT0R2uN-_N97kCmrsPcgpV4Tej4Cg-JSx&sai=AMfl-YSOQydiJh4BDwq0QitMh6NUY5pqYtI2E-zp-7cLKqUKN2ppgnP7RaCO28zEXrrX6l45wHWZNGzXRedXxG8QJs4KS6zag-kKcLSQgA25LeRq5lfqX7lwkw73caqqRzU&sig=Cg0ArKJSzM4fru-OWU2LEAE&uach_m=[UACH]&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 34B1 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET amp4ads-v0.mjs
cdn.ampproject.org/rtv/012306202201000/ Frame DF0D 0
0

GET amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012306202201000/v0/ Frame DF0D 0
0

GET amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012306202201000/v0/ Frame DF0D 0
0

GET amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012306202201000/v0/ Frame DF0D 0
0

GET amp-form-0.1.mjs
cdn.ampproject.org/rtv/012306202201000/v0/ Frame DF0D 0
0

GET css
fonts.googleapis.com/ Frame DF0D 0
0

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DF0D 2 KB
3 KB 25ms
24ms Image
image/png 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: hromok-ca.shop
URL: https://hromok-ca.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hromok-ca.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 16:48:18 GMT
x-content-type-options: nosniff
server: cafe
age: 58447
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 13 Jul 2023 16:48:18 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DF0D 295 B
371 B 22ms
22ms Image
image/png 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: hromok-ca.shop
URL: https://hromok-ca.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hromok-ca.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 16:48:18 GMT
x-content-type-options: nosniff
server: cafe
age: 58447
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Thu, 13 Jul 2023 16:48:18 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DF0D 0
0 39ms
38ms Image
text/html 2607:f8b0:4006:81c::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQyTVeVueru31EQqR1-nmlRJYQVvCPAoJ0oFhZLwuCYpiB49gabyyek7s3E7nztm1vCwKwt2WJvrnw3PjMAJ4uEsLY8ig
Requested by: Host: hromok-ca.shop
URL: https://hromok-ca.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2004 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hromok-ca.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

POST _track
hromok-ca.shop/ 0
0

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
482 B 72ms
0ms Image
image/gif 2600:9000:21dd:6c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adslot=ad_300x250_365857
Requested by: Host: hromok-ca.shop
URL: https://hromok-ca.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:6c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 07:41:00 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 d8231fd704ad0bc5e49083372d79c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 13656085
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: Y2uzrPJa3DYlJeKVOzX8DyIVVYTUhlTNOJ9P1rWmJp6wwsotL0xuag==

GET www-widgetapi.js
www.youtube.com/s/player/f2f137c6/www-widgetapi.vflset/ 0
0

POST 517.json
id5-sync.com/g/v2/ 0
0

GET runtime_b4ad65fa381da0648767eee58152de5e.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 34B1 0
0 42ms
42ms Fetch
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAqFKfMtVYkqgyeRyv93_gyXXvTA3Ez7t6vxMyl8k8vB6YtF2fEzU0w2jOEKF2y-RC6u9jVfYUKEW59Ja0zWQs5KPk1g2QBa8UfAawbeeXsDCEkxcQpY3P81zM_HBlfnFecQaaV4thAV5wyb0W16FApZPQLqeZNc5RFR9WpkNIRuAJHXjOUyatlRD6oP21i_gVgK91J5fZimF_NpB2XTEGUM9yrR1sTBYLVnXVU287uFGoYAcBLUX962TI6lgfqDrp-E_lSqcAia4IDJM17yuhqq0yyVpPEXVN3WSh5NcE9esgs880fVZkUw3Wm5OhDx7dpEm4_02GNctHCzR2rEJu5-0C6W_9s3zDIOoYHZ3Vd7s&sai=AMfl-YQL1yo7cuDKD9jwHCrGcHYVEwUx4NdDLrE-Vl9ZlXJGsclDbdifJLgoaERQzb-pBAd2qUNuUx1V8Y2bUjq7xin31V8-N4AfPMZpfhqvaRbk0sM4IY4RabJzHqny1n8&sig=Cg0ArKJSzBGZ93HOFEKqEAE&uach_m=[UACH]&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/deseretdigital/b-e09f10f-6ba2dc51.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 09:02:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 13 Jul 2023 09:02:26 GMT

GET
DATA 200
OK truncated
/ Frame DF0D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

POST 2e617148a220f828c9dce06e6e26e59d467b2d66d9d7012dbaf8
restrainstorm.com/ 0
0

POST a7247ea0a9aad29404dd6c8b386337f743cd77618af0
restrainstorm.com/create/879342af/ 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 34B1 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Regular.a86565d35df3a9fb1e50b963cbf97a13.woff2

Domain: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Bold.8cb714e2e55e898768c36431818db72f.woff2

Domain: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Condensed_Medium.bb363d55467296410f913b84056528f9.woff2

Domain: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Display_Bold.26cefedcab11054b85987ff2f992a2c5.woff2

Domain: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Italic.9f7066049b8a07ca0e905ba46c8645f4.woff2

Domain: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Roman.7d4d83ea55695b66b9beb992fadfb14b.woff2

Domain: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Bold.401d3b047965b9833f0ef9a4299972b2.woff2

Domain: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Regular.409a2ac6bc1aa08eb312bd751e5b8f40.woff

Domain: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Bold.d49a5ce3e771acb6ef7780dfb8628852.woff

Domain: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Condensed_Medium.93a6c93a1977e45c6c8110ece8b4b5d0.woff

Domain: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Display_Bold.3ae2bb4526d6e998f6f95c1227253d91.woff

Domain: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Italic.1852359a620808c5c15d4adc10b281d9.woff

Domain: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Roman.a3e2828fcd9d3b031c3d3e07aea3d55e.woff

Domain: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Bold.5151938f16d42d400f1b1b6cf8ce28b0.woff

Domain: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/228f7278b56ec5f4c512.8764e4dc5bb5d6dc0a7723926dadba3f.woff2

Domain: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/3811c0417f2e9e014f1d.3fbdfab499553e66ade62aa089808383.woff

Domain: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/9a8d32d539073ef74f3e.64eccfd09cafb2704571be2d12cc225b.woff2

Domain: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/d02ee5d3226eb0e8bf36.bd48110194a908a4a1e939b1656d318a.woff2

Domain: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/56873dddf01c173e6d7c.86be8971ac1519f2cfdf90b1b087eeaa.woff2

Domain: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/a9fcb7d84180304e8fe7.f07418e94d3ab3dc90c1135c26084266.woff2

Domain: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/6beab6a675108945ea18.a8ea55985305b53e31a1feb3cb8fdd12.woff

Domain: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/18276429547f3d554011.e180fad043a83296528427bc04dbabf3.woff

Domain: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/77fb4accf5df60b92e2e.2c702352e292ec517a9cbee418d2e331.woff

Domain: deseret.brightspotcdn.com
URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/37e66169e9da4c9b3b71.b8ca7a663365c7b822c7f9285a24693c.woff

Domain: tags.rd.linksynergy.com
URL: https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=

Domain: sync.targeting.unrulymedia.com
URL: https://sync.targeting.unrulymedia.com/csync/RX-c5e9cc2d-318c-462e-95bb-11ea6a34f783-005

Domain: id.geistm.com
URL: https://id.geistm.com/m/OB/sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=PM_CONSENT

Domain: bh.contextweb.com
URL: https://bh.contextweb.com/bh/rtset?pid=562709&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpulsepoint%26uid%3D%25%25VGUID%25%25%26obUid%3DsNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob

Domain: id5-sync.com
URL: https://id5-sync.com/s/164/9.gif?puid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---

Domain: cm.rtbsystem.com
URL: https://cm.rtbsystem.com/usermatch/ob?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Drtbsystem%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%7Buserid%7D%26initiator%3Dob%26obUid%3DsNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm

Domain: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs

Domain: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012306202201000/v0/amp-ad-exit-0.1.mjs

Domain: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012306202201000/v0/amp-analytics-0.1.mjs

Domain: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012306202201000/v0/amp-fit-text-0.1.mjs

Domain: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012306202201000/v0/amp-form-0.1.mjs

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Domain: hromok-ca.shop
URL: https://hromok-ca.shop/_track

Domain: www.youtube.com
URL: https://www.youtube.com/s/player/f2f137c6/www-widgetapi.vflset/www-widgetapi.js

Domain: id5-sync.com
URL: https://id5-sync.com/g/v2/517.json

Domain: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_b4ad65fa381da0648767eee58152de5e.br.js

Domain: restrainstorm.com
URL: https://restrainstorm.com/2e617148a220f828c9dce06e6e26e59d467b2d66d9d7012dbaf8

Domain: restrainstorm.com
URL: https://restrainstorm.com/create/879342af/a7247ea0a9aad29404dd6c8b386337f743cd77618af0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsty3pg9GdqCWt7vxSvsua80J92PH21LLRSTsC834tLcFLbuhaajme6aw3V36KW5bzZxdC4EF55DbqP5l6s4mExEedh-OUGgiGiOeoIR19sgXpnF-tzH&sig=Cg0ArKJSzJDMwlPOe1K0EAE&id=lidar2&mcvt=1002&p=778,1050,1028,1350&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230712&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3285426957&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689238942759&rpt=3341&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

55 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://hromok-ca.shop/ Message: Access to font at 'https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Condensed_Medium.bb363d55467296410f913b84056528f9.woff2' from origin 'https://hromok-ca.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Condensed_Medium.bb363d55467296410f913b84056528f9.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hromok-ca.shop/ Message: Access to font at 'https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Regular.a86565d35df3a9fb1e50b963cbf97a13.woff2' from origin 'https://hromok-ca.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Regular.a86565d35df3a9fb1e50b963cbf97a13.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hromok-ca.shop/ Message: Access to font at 'https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Display_Bold.26cefedcab11054b85987ff2f992a2c5.woff2' from origin 'https://hromok-ca.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Display_Bold.26cefedcab11054b85987ff2f992a2c5.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hromok-ca.shop/ Message: Access to font at 'https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Bold.8cb714e2e55e898768c36431818db72f.woff2' from origin 'https://hromok-ca.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Bold.8cb714e2e55e898768c36431818db72f.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hromok-ca.shop/ Message: Access to font at 'https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Roman.7d4d83ea55695b66b9beb992fadfb14b.woff2' from origin 'https://hromok-ca.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Roman.7d4d83ea55695b66b9beb992fadfb14b.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hromok-ca.shop/ Message: Access to font at 'https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Italic.9f7066049b8a07ca0e905ba46c8645f4.woff2' from origin 'https://hromok-ca.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Italic.9f7066049b8a07ca0e905ba46c8645f4.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hromok-ca.shop/ Message: Access to font at 'https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Bold.401d3b047965b9833f0ef9a4299972b2.woff2' from origin 'https://hromok-ca.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Bold.401d3b047965b9833f0ef9a4299972b2.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hromok-ca.shop/ Message: Access to font at 'https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Regular.409a2ac6bc1aa08eb312bd751e5b8f40.woff' from origin 'https://hromok-ca.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Regular.409a2ac6bc1aa08eb312bd751e5b8f40.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hromok-ca.shop/(Line 580) Message: Access to font at 'https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Italic.1852359a620808c5c15d4adc10b281d9.woff' from origin 'https://hromok-ca.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Italic.1852359a620808c5c15d4adc10b281d9.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hromok-ca.shop/(Line 580) Message: Access to font at 'https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Roman.a3e2828fcd9d3b031c3d3e07aea3d55e.woff' from origin 'https://hromok-ca.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Roman.a3e2828fcd9d3b031c3d3e07aea3d55e.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hromok-ca.shop/(Line 580) Message: Access to font at 'https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Bold.5151938f16d42d400f1b1b6cf8ce28b0.woff' from origin 'https://hromok-ca.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Text_Bold.5151938f16d42d400f1b1b6cf8ce28b0.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hromok-ca.shop/(Line 580) Message: Access to font at 'https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Condensed_Medium.93a6c93a1977e45c6c8110ece8b4b5d0.woff' from origin 'https://hromok-ca.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Condensed_Medium.93a6c93a1977e45c6c8110ece8b4b5d0.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hromok-ca.shop/(Line 580) Message: Access to font at 'https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Bold.d49a5ce3e771acb6ef7780dfb8628852.woff' from origin 'https://hromok-ca.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Benton_Sans_Bold.d49a5ce3e771acb6ef7780dfb8628852.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hromok-ca.shop/(Line 580) Message: Access to font at 'https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Display_Bold.3ae2bb4526d6e998f6f95c1227253d91.woff' from origin 'https://hromok-ca.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/styles/style-1/assets/fonts/Poynter_Oldstyle_Display_Bold.3ae2bb4526d6e998f6f95c1227253d91.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hromok-ca.shop/(Line 1435) Message: Access to font at 'https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/228f7278b56ec5f4c512.8764e4dc5bb5d6dc0a7723926dadba3f.woff2' from origin 'https://hromok-ca.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/228f7278b56ec5f4c512.8764e4dc5bb5d6dc0a7723926dadba3f.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hromok-ca.shop/(Line 1959) Message: Access to font at 'https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/3811c0417f2e9e014f1d.3fbdfab499553e66ade62aa089808383.woff' from origin 'https://hromok-ca.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/3811c0417f2e9e014f1d.3fbdfab499553e66ade62aa089808383.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hromok-ca.shop/(Line 1959) Message: Access to font at 'https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/9a8d32d539073ef74f3e.64eccfd09cafb2704571be2d12cc225b.woff2' from origin 'https://hromok-ca.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/9a8d32d539073ef74f3e.64eccfd09cafb2704571be2d12cc225b.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hromok-ca.shop/(Line 1959) Message: Access to font at 'https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/56873dddf01c173e6d7c.86be8971ac1519f2cfdf90b1b087eeaa.woff2' from origin 'https://hromok-ca.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/56873dddf01c173e6d7c.86be8971ac1519f2cfdf90b1b087eeaa.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hromok-ca.shop/(Line 1959) Message: Access to font at 'https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/d02ee5d3226eb0e8bf36.bd48110194a908a4a1e939b1656d318a.woff2' from origin 'https://hromok-ca.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/d02ee5d3226eb0e8bf36.bd48110194a908a4a1e939b1656d318a.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hromok-ca.shop/(Line 1959) Message: Access to font at 'https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/a9fcb7d84180304e8fe7.f07418e94d3ab3dc90c1135c26084266.woff2' from origin 'https://hromok-ca.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/a9fcb7d84180304e8fe7.f07418e94d3ab3dc90c1135c26084266.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hromok-ca.shop/(Line 2433) Message: Access to font at 'https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/18276429547f3d554011.e180fad043a83296528427bc04dbabf3.woff' from origin 'https://hromok-ca.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/18276429547f3d554011.e180fad043a83296528427bc04dbabf3.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hromok-ca.shop/(Line 2433) Message: Access to font at 'https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/6beab6a675108945ea18.a8ea55985305b53e31a1feb3cb8fdd12.woff' from origin 'https://hromok-ca.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/6beab6a675108945ea18.a8ea55985305b53e31a1feb3cb8fdd12.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hromok-ca.shop/(Line 2433) Message: Access to font at 'https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/77fb4accf5df60b92e2e.2c702352e292ec517a9cbee418d2e331.woff' from origin 'https://hromok-ca.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/77fb4accf5df60b92e2e.2c702352e292ec517a9cbee418d2e331.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hromok-ca.shop/(Line 2433) Message: Access to font at 'https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/37e66169e9da4c9b3b71.b8ca7a663365c7b822c7f9285a24693c.woff' from origin 'https://hromok-ca.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deseret.brightspotcdn.com/resource/0000017e-8dee-d054-a37e-cdef72620000/37e66169e9da4c9b3b71.b8ca7a663365c7b822c7f9285a24693c.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://hromok-ca.shop/_track Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://tagan.adlightning.com/deseretdigital/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://b1sync.zemanta.com/usersync/outbrain/?puid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)
network	error	URL: https://id.geistm.com/m/OB/sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=sNSU-lWOWINd6jKQEuRo2FsIJd3GM48NSCJxwzyNyGxtXlmh0bqM2P23BP8UwaNm Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	URL: https://tagan.adlightning.com/deseretdigital/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/deseretdigital/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
aax.amazon-adsystem.com
adservice.google.com
aed277b1e66a59d4f11f8a33e7f06e64.safeframe.googlesyndication.com
ams-pageview-public.s3.amazonaws.com
api.bttrack.com
assets.bounceexchange.com
b1sync.zemanta.com
beacon.krxd.net
bh.contextweb.com
c.amazon-adsystem.com
c.bing.com
cdn.ampproject.org
cdn.id5-sync.com
cm.g.doubleclick.net
cm.rtbsystem.com
cms.quantserve.com
connect.facebook.net
cookie-cdn.cookiepro.com
creativecdn.com
deseret.brightspotcdn.com
deseretnews.coral.coralproject.net
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
fonts.googleapis.com
geolocation.onetrust.com
hashtaglabs-d.openx.net
hromok-ca.shop
htlbid.com
ib.adnxs.com
ice.360yield.com
id.geistm.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
lb.eu-1-id5-sync.com
loadus.exelator.com
log.outbrainimg.com
match.adsrvr.org
mcdp-sadc1.outbrain.com
mv.outbrain.com
p.typekit.net
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
ps.eyeota.net
restrainstorm.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
sync-jp.im-apps.net
sync.crwdcntrl.net
sync.outbrain.com
sync.targeting.unrulymedia.com
t.pswec.com
tag.bounceexchange.com
tagan.adlightning.com
tags.rd.linksynergy.com
tcheck.outbrainimg.com
tpc.googlesyndication.com
u.openx.net
uploads.deseret.com
ups.analytics.yahoo.com
us-u.openx.net
use.typekit.net
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
x.bidswitch.net
assets.bounceexchange.com
bh.contextweb.com
cdn.ampproject.org
cm.rtbsystem.com
deseret.brightspotcdn.com
fonts.googleapis.com
hromok-ca.shop
id.geistm.com
id5-sync.com
image2.pubmatic.com
pagead2.googlesyndication.com
restrainstorm.com
sync.targeting.unrulymedia.com
tags.rd.linksynergy.com
www.youtube.com
108.138.126.121
108.139.47.50
13.225.214.117
13.33.60.51
142.251.40.194
143.204.151.99
146.75.34.132
162.19.138.116
185.184.8.90
192.132.33.41
192.40.39.223
207.198.113.204
23.105.12.142
23.20.128.203
23.47.145.225
23.52.152.237
2600:141b:13::17d7:8252
2600:1901:0:7a38::1
2600:9000:21dd:3a00:6:44e3:f8c0:93a1
2600:9000:21dd:6c00:8:48e:53c0:93a1
2600:9000:2209:9800:1b:5138:8a40:93a1
2606:4700:10::6816:1971
2606:4700:10::6816:3456
2606:4700::6812:1053
2606:4700::6812:1c26
2607:f8b0:4006:817::2001
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::200e
2607:f8b0:4006:820::2008
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::2002
2620:116:800b:21:c1e8:5385:5098:6bf0
2620:1ec:c11::200
2a01:4f8:140:8224::1
2a03:2880:f00e:13:face:b00c:0:3
2a03:2880:f10e:83:face:b00c:0:25de
3.225.218.10
3.230.62.22
3.33.220.150
3.5.9.201
34.120.253.250
34.229.3.43
34.98.72.95
35.186.253.211
35.190.60.146
35.207.24.140
35.211.178.172
35.244.156.29
35.244.159.8
38.133.127.127
44.208.197.254
52.44.20.252
52.85.61.21
54.161.170.61
54.161.2.222
54.230.163.106
64.202.112.159
68.67.160.186
74.119.119.150
8.43.72.98
85.114.159.93
96.16.196.219
13cf20ab39f2ee3b1029137d2f0bc18158f3414cc77af987c091aa6b2438b769
1691528e16358e4a55f27a5960fdb5c5cfc05671e6682aa5d28ce102f483e758
18e417acc2170bc5559488138d56f4d308d36104a26eff8c23dd2cb371ab514a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2e56d46b73d36a4cd2959b5163de05df3f69ed1a27f99ffed7bd73089ba7ab88
31dafbe7715d515d4b8f11b719eb0431d2fb111a062447e2e76a8351c97a627a
351ba2ac20d28ffadb1115a6dd19d3a789cbd9d30d88630ca6d0a9a7fa6122d9
41cda7fd0df5e6fcaf68cc9368d80aed3cccd29a138e2b4aa0f44f63a1a44b23
4e613ea62e3357c2efdb4e7b109368cfed602b021033f530bc41c8eb8e96090f
50e378c7aa7ad5b23df32fb96dd0f293cbaa9c51e72047aca49dfeb12b18990d
5a0362e68aa5fb86e1965e04df43b93abeb2e0b145d1f7c4facb4a8f9947accc
608cf6fdd442eaa73d0e6a5f331bc73fb30347c39057e130faf533431551b03e
62ef682c38ec798a115e152d5dda9b9e731fc734b9ed3f188af227aaf65fe40a
63d8f08bbefb4763417e02b92ddc2b4e2fb66ac0418e20dcf9271f5f49d4236c
6cdf5b8d8528713b5a7b3fae738d27e6107afa0cc3a8e691a9d612303f6dfd7a
710085fc2266bb1adf635ca38d7bcac541bd0b2c30ee9a0e102eb3fbbc813043
742eda3b2d2aefb9c25c7daa5dfe251f02317aae3027a7f8221710d9a5a3d3d5
8929d94e910af00977ccc910ac9ecd3bb69d58433f59074d38d4c6487acb41aa
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d
a6228e761dcb43896055c3e8271b1e4dfd480df47f1ee88c57c1000b991e60c0
ade64b94b199f7eed364aed791007ad5ea08cb6b4d23d29a4e525eed6d546cc3
af8574c64eb8a1a24537fe67d1c22a775ddff60c52157b8922dae42caf91db97
b322ec4f04cce9da5fdb6d36fbc9aa027d5542b06fea9dcf18225f36e02f480f
ba4dde2c5e2251033818c4f743e6bb20635f9c2ea216bd000b7b882bb9bb4e62
bb311a0fd46dbef6a3d721fafe96428cae2875bf97826a7c97eedc380072aef2
ce2b6aa9e453dac040ec4d3fa1fee26e4a1a02449216cd3e1e63da7b2c62be8a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d07461f48d7f187393d0e87635053082d75069133a1ec7b9828bec3b66f40bc7
d37a519f3a04fe4c01c920f2ba0cf85283ebd419b5d101a606c5ee2b33f19b35
db0da7efe3ac5fc9e598f71e291326f137ea7bbbf97fed4fee0e86b717b0d9a8
e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87
e524d44843e7d1c9ec644402f6d3c2b74655676f373b5c1338807c11afc2325e
f61115d7a15f95b2788e6f7fd5fbc22075cf23ee83fc45e3cbf4cdf057c1b2ea
fb0937c8795554e0837a02e3c17fc431c8665d70b631fd4bc285e8c10e5e22a6
ffc79feebdfe105c3de8840c2a5814b3fae59d3529463fdf9329080967ed92ba

hromok-ca.shop Open in urlscan Pro 2a01:4f8:140:8224::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

175 Requests

63 %HTTPS

33 %IPv6

64 Domains

83 Subdomains

49 IPs

4 Countries

2481 kBTransfer

6110 kBSize

Cookies

0 Outgoing links

Redirected requests

175 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hromok-ca.shop Open in urlscan Pro
2a01:4f8:140:8224::1 Public Scan

Screenshot
Live screenshot

Full Image

175
Requests

63 %
HTTPS

33 %
IPv6

64
Domains

83
Subdomains

49
IPs

4
Countries

2481 kB
Transfer

6110 kB
Size

175 HTTP transactions
9 data transactions