urlscan.io logo urlscan.io
SecurityTrails logo

www.fox13now.com Open in urlscan Pro
143.204.98.32  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Submission: On May 02 via api from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 107 IPs in 10 countries across 90 domains to perform 431 HTTP transactions. The main IP is 143.204.98.32, located in United States and belongs to AMAZON-02, US. The main domain is www.fox13now.com. The Cisco Umbrella rank of the primary domain is 78897.
TLS certificate: Issued by Amazon on February 17th 2022. Valid for: a year.
This is the only time www.fox13now.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 143.204.98.32 16509 (AMAZON-02)
6 13.35.254.32 16509 (AMAZON-02)
4 2600:9000:214... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
6 104.102.29.173 20940 (AKAMAI-ASN1)
1 143.204.201.102 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:303... 13335 (CLOUDFLAR...)
6 52.222.210.175 16509 (AMAZON-02)
1 23.35.228.23 16625 (AKAMAI-AS)
2 3 104.92.74.8 16625 (AKAMAI-AS)
1 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 35.227.208.151 15169 (GOOGLE)
1 13.35.255.237 16509 (AMAZON-02)
1 21 151.101.66.137 54113 (FASTLY)
2 13.35.254.19 16509 (AMAZON-02)
2 2.22.34.3 16625 (AKAMAI-AS)
1 2.22.32.24 16625 (AKAMAI-AS)
7 216.58.212.130 15169 (GOOGLE)
1 143.204.201.53 16509 (AMAZON-02)
1 54.144.144.142 14618 (AMAZON-AES)
5 2a00:1450:400... 15169 (GOOGLE)
1 3 108.157.4.15 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:224... 16509 (AMAZON-02)
2 2600:1f18:e8a... 14618 (AMAZON-AES)
5 14 185.33.221.13 29990 (ASN-APPNEX)
3 52.28.203.152 16509 (AMAZON-02)
8 34.98.64.218 15169 (GOOGLE)
2 35.158.60.56 16509 (AMAZON-02)
5 54.229.167.98 16509 (AMAZON-02)
2 12 167.172.1.14 14061 (DIGITALOC...)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 34.149.20.76 15169 (GOOGLE)
2 2602:803:c004... 26667 (RUBICONPR...)
6 70.42.32.95 22075 (AS-OUTBRAIN)
2 151.101.14.132 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
2 151.101.2.137 54113 (FASTLY)
1 7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 185.93.2.243 60068 (CDN77 ^_^)
7 18.220.186.98 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
52 2a00:1450:400... 15169 (GOOGLE)
31 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 18.196.104.163 16509 (AMAZON-02)
21 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
12 21 142.250.186.34 15169 (GOOGLE)
4 6 104.102.29.65 20940 (AKAMAI-ASN1)
4 104.89.28.165 16625 (AKAMAI-AS)
6 142.250.186.66 15169 (GOOGLE)
1 216.58.212.166 15169 (GOOGLE)
3 34.149.12.213 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:401... 15169 (GOOGLE)
1 172.217.23.98 15169 (GOOGLE)
2 2 134.209.131.220 14061 (DIGITALOC...)
2 205.185.216.10 20446 (STACKPATH...)
4 151.101.1.108 54113 (FASTLY)
6 12 76.223.111.18 16509 (AMAZON-02)
1 67.202.105.21 32748 (STEADFAST)
6 104.89.20.125 16625 (AKAMAI-AS)
3 3 151.101.66.49 54113 (FASTLY)
1 52.17.196.42 16509 (AMAZON-02)
4 52.223.40.198 16509 (AMAZON-02)
3 2620:1ec:21::14 8068 (MICROSOFT...)
2 3 2a05:d018:d29... 16509 (AMAZON-02)
3 5 18.185.12.233 16509 (AMAZON-02)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
4 7 52.46.154.242 16509 (AMAZON-02)
2 2 50.31.142.31 23352 (SERVERCEN...)
1 2 69.173.144.139 26667 (RUBICONPR...)
4 4 69.173.144.165 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 35.244.174.68 15169 (GOOGLE)
3 104.102.28.254 20940 (AKAMAI-ASN1)
2 35.186.253.211 15169 (GOOGLE)
4 4 18.159.9.226 16509 (AMAZON-02)
3 3 18.156.0.31 16509 (AMAZON-02)
2 72.251.249.14 29791 (VOXEL-DOT...)
2 178.162.133.149 60781 (LEASEWEB-...)
2 104.18.102.194 13335 (CLOUDFLAR...)
1 8.43.72.97 26667 (RUBICONPR...)
2 8.28.7.81 ()
2 3 37.157.4.41 ()
2 21 185.64.190.80 ()
2 2 216.200.232.253 ()
2 3 52.210.200.111 ()
1 178.250.2.151 ()
1 72.251.245.179 ()
1 38.91.45.7 ()
1 1 18.204.146.207 ()
1 2 2606:4700:440... ()
2 2 35.158.166.215 ()
1 2 52.206.177.106 ()
1 1 154.59.122.79 ()
2 2 213.19.147.45 ()
1 2 104.92.91.221 ()
2 198.47.127.20 ()
1 2 169.50.137.184 ()
1 1 2001:678:cb4:... ()
1 2a02:fa8:8806... ()
1 1 54.237.148.231 ()
1 1 2620:116:800d... ()
2 2 54.229.65.185 ()
1 107.22.220.218 ()
1 2 38.67.14.233 ()
1 66.155.71.150 ()
1 1 45.35.192.162 ()
1 1 2a04:4e42::300 ()
1 151.101.193.44 ()
1 1 23.88.75.187 ()
1 195.5.165.20 ()
1 18.134.175.161 ()
1 1 34.102.253.54 ()
1 1 178.62.202.251 ()
431 107
6    143.204.98.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-32.fra50.r.cloudfront.net
www.fox13now.com
6    13.35.254.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-254-32.fra6.r.cloudfront.net
ewscripps.brightspotcdn.com
4    2600:9000:214f:4a00:13:a391:88c0:21 (United States)

ASN16509 (AMAZON-02, US)
d3plfjw9uod7ab.cloudfront.net
2    2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
5    2a02:26f0:f7::5c7b:e031 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
3    2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
6    104.102.29.173 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-173.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
1    143.204.201.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-102.fra53.r.cloudfront.net
assets.scrippsdigital.com
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2606:4700:3032::ac43:cb69 (United States)

ASN13335 (CLOUDFLARENET, US)
analyticssystems.net
6    52.222.210.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-210-175.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
hbx.media.net
3    104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
secure-assets.rubiconproject.com
1    2a02:26f0:f7::5c7b:e01c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    35.227.208.151 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 151.208.227.35.bc.googleusercontent.com
aswpsdkus.com
1    13.35.255.237 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-255-237.fra6.r.cloudfront.net
cdn.parsely.com
21    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
capi.connatix.com
lit.connatix.com
img.connatix.com
vid.connatix.com
2    13.35.254.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-254-19.fra6.r.cloudfront.net
api.ewscloud.com
2    2.22.34.3 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-22-34-3.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
images.outbrainimg.com
1    2.22.32.24 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-22-32-24.deploy.static.akamaitechnologies.com
hblg.media.net
7    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net
securepubads.g.doubleclick.net
1    143.204.201.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-53.fra53.r.cloudfront.net
ob.cheqzone.com
1    54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com
p1.parsely.com
5    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    108.157.4.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-15.dus51.r.cloudfront.net
sb.scorecardresearch.com
2    2606:4700:20::681a:274 (United States)

ASN13335 (CLOUDFLARENET, US)
tru.am
1    2600:9000:2240:5800:10:618e:d880:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.ewscloud.com
2    2600:1f18:e8a:cd02:882c:d916:bae1:7722 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
obs.cheqzone.com
14    185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
secure.adnxs.com
3    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
8    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
ewscripps-d.openx.net
us-u.openx.net
u.openx.net
2    35.158.60.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-60-56.eu-central-1.compute.amazonaws.com
tlx.3lift.com
5    54.229.167.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-167-98.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
12    167.172.1.14 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
2    2a02:fa8:8806:16::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
3    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
2    2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
6    70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
2    151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
mv.outbrain.com
3    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
ins.connatix.com
vid.connatix.com
7    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    185.93.2.243 (Paris, France)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-93-2-243.datapacket.com
cheqzone.b-cdn.net
7    18.220.186.98 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-220-186-98.us-east-2.compute.amazonaws.com
capi-tier-1-us-east-2.connatix.com
4    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
52    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
31    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
5    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
4    18.196.104.163 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-104-163.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
21    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a02:26f0:3500:58b::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
3    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
21    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
6    104.102.29.65 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-65.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
4    104.89.28.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-28-165.deploy.static.akamaitechnologies.com
sync.teads.tv
6    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
googleads4.g.doubleclick.net
1    216.58.212.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f6.1e100.net
ad.doubleclick.net
3    34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com
tps.doubleverify.com
tpsc-eu3.doubleverify.com
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
1    2a00:1450:401e:28::9 (Ireland)

ASN15169 (GOOGLE, US)
r4---sn-4g5ednsr.c.2mdn.net
1    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
ade.googlesyndication.com
2    134.209.131.220 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.serverbid.com
2    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
4    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
12    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
6    104.89.20.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-20-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    52.17.196.42 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-196-42.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
4    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    2a05:d018:d29:3601:11a:a397:8c8e:9db5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
5    18.185.12.233 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-12-233.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
7    52.46.154.242 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    50.31.142.31 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
3    104.102.28.254 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-28-254.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
4    18.159.9.226 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-9-226.eu-central-1.compute.amazonaws.com
pixel.advertising.com
3    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    178.162.133.149 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
2    104.18.102.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    8.28.7.81 (None, )

ASN- ()
image6.pubmatic.com
3    37.157.4.41 (None, )

ASN- ()
c1.adform.net
21    185.64.190.80 (None, )

ASN- ()
simage2.pubmatic.com
image2.pubmatic.com
2    216.200.232.253 (None, )

ASN- ()
sync.mathtag.com
3    52.210.200.111 (None, )

ASN- ()
match.prod.bidr.io
1    178.250.2.151 (None, )

ASN- ()
dis.criteo.com
1    72.251.245.179 (None, )

ASN- ()
cm.adgrx.com
1    38.91.45.7 (None, )

ASN- ()
match.deepintent.com
1    18.204.146.207 (None, )

ASN- ()
sync.srv.stackadapt.com
2    2606:4700:4400::6812:230b (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
2    35.158.166.215 (None, )

ASN- ()
pm.w55c.net
2    52.206.177.106 (None, )

ASN- ()
beacon.lynx.cognitivlabs.com
1    154.59.122.79 (None, )

ASN- ()
ums.acuityplatform.com
2    213.19.147.45 (None, )

ASN- ()
sync.1rx.io
2    104.92.91.221 (None, )

ASN- ()
px.owneriq.net
2    198.47.127.20 (None, )

ASN- ()
image4.pubmatic.com
2    169.50.137.184 (None, )

ASN- ()
um.simpli.fi
1    2001:678:cb4:bbbb::11 (None, )

ASN- ()
ad.turn.com
1    2a02:fa8:8806:13::1370 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    54.237.148.231 (None, )

ASN- ()
sync.ipredictive.com
1    2620:116:800d:21:36a9:ecb:e518:b308 (None, )

ASN- ()
pixel.quantserve.com
2    54.229.65.185 (None, )

ASN- ()
ads.avct.cloud
1    107.22.220.218 (None, )

ASN- ()
rtb.adentifi.com
2    38.67.14.233 (None, )

ASN- ()
pmp.mxptint.net
1    66.155.71.150 (None, )

ASN- ()
pixel-sync.sitescout.com
1    45.35.192.162 (None, )

ASN- ()
sync.resetdigital.co
1    2a04:4e42::300 (None, )

ASN- ()
trc.taboola.com
1    151.101.193.44 (None, )

ASN- ()
match.taboola.com
1    23.88.75.187 (None, )

ASN- ()
csync.loopme.me
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    18.134.175.161 (None, )

ASN- ()
aa.agkn.com
1    34.102.253.54 (None, )

ASN- ()
ads.playground.xyz
1    178.62.202.251 (None, )

ASN- ()
match.adsby.bidtheatre.com
Apex Domain
Subdomains		 Transfer
57 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
ade.googlesyndication.com — Cisco Umbrella Rank: 259
384 KB
54 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 248
gcdn.2mdn.net — Cisco Umbrella Rank: 889
r4---sn-4g5ednsr.c.2mdn.net
4 MB
45 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 165
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 194
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 275
ad.doubleclick.net — Cisco Umbrella Rank: 182
315 KB
30 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 3136
cds.connatix.com — Cisco Umbrella Rank: 3200
capi.connatix.com — Cisco Umbrella Rank: 3524
lit.connatix.com — Cisco Umbrella Rank: 6998
ins.connatix.com — Cisco Umbrella Rank: 5494
capi-tier-1-us-east-2.connatix.com — Cisco Umbrella Rank: 4024
vid.connatix.com — Cisco Umbrella Rank: 3947
img.connatix.com — Cisco Umbrella Rank: 3856
418 KB
28 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 420
image6.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
image2.pubmatic.com
aud.pubmatic.com Failed
41 KB
22 rubiconproject.com
ads.rubiconproject.com — Cisco Umbrella Rank: 2558
fastlane.rubiconproject.com — Cisco Umbrella Rank: 438
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3321
eus.rubiconproject.com — Cisco Umbrella Rank: 518
pixel.rubiconproject.com — Cisco Umbrella Rank: 320
token.rubiconproject.com — Cisco Umbrella Rank: 632
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 955
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1132
152 KB
18 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 217
acdn.adnxs.com — Cisco Umbrella Rank: 561
secure.adnxs.com — Cisco Umbrella Rank: 374
54 KB
14 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 3107
sync.serverbid.com — Cisco Umbrella Rank: 6531
3 KB
14 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 527
eb2.3lift.com — Cisco Umbrella Rank: 342
6 KB
13 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 280
s.amazon-adsystem.com — Cisco Umbrella Rank: 271
45 KB
10 openx.net
ewscripps-d.openx.net — Cisco Umbrella Rank: 36658
us-u.openx.net — Cisco Umbrella Rank: 359
u.openx.net — Cisco Umbrella Rank: 693
rtb.openx.net — Cisco Umbrella Rank: 1401
2 KB
10 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 770
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 393
ads.yahoo.com — Cisco Umbrella Rank: 1116
ups.analytics.yahoo.com — Cisco Umbrella Rank: 281
4 KB
9 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1341
widget-pixels.outbrain.com — Cisco Umbrella Rank: 2888
odb.outbrain.com — Cisco Umbrella Rank: 1513
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 6954
mv.outbrain.com — Cisco Umbrella Rank: 3457
103 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 5
adservice.google.com — Cisco Umbrella Rank: 63
2 KB
7 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 4142
log.outbrainimg.com — Cisco Umbrella Rank: 2250
images.outbrainimg.com — Cisco Umbrella Rank: 2166
37 KB
6 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 507
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 510
6 KB
6 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1325
usersync.gumgum.com — Cisco Umbrella Rank: 2909
rtb.gumgum.com
13 KB
6 typekit.net
use.typekit.net — Cisco Umbrella Rank: 455
p.typekit.net — Cisco Umbrella Rank: 562
69 KB
6 brightspotcdn.com
ewscripps.brightspotcdn.com — Cisco Umbrella Rank: 25716
316 KB
6 fox13now.com
www.fox13now.com — Cisco Umbrella Rank: 78897
334 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 277
2 KB
5 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 440
tps.doubleverify.com — Cisco Umbrella Rank: 459
tpsc-eu3.doubleverify.com — Cisco Umbrella Rank: 14754
103 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 371
112 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
21 KB
4 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 391
1 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 327
1 KB
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 910
688 B
4 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 384
740 KB
4 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1351
ssc-cms.33across.com — Cisco Umbrella Rank: 892
710 B
4 analyticssystems.net
analyticssystems.net — Cisco Umbrella Rank: 8702
2 KB
4 cloudfront.net
d3plfjw9uod7ab.cloudfront.net
104 KB
3 bidr.io
match.prod.bidr.io
2 KB
3 adform.net
c1.adform.net
1 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 409
1 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 532
826 B
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 158
110 KB
3 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 1835
pubmatic-match.dotomi.com
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 126
2 KB
3 cheqzone.com
ob.cheqzone.com — Cisco Umbrella Rank: 7657
obs.cheqzone.com — Cisco Umbrella Rank: 4937
22 KB
3 ewscloud.com
api.ewscloud.com — Cisco Umbrella Rank: 34976
static.ewscloud.com — Cisco Umbrella Rank: 47785
10 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 810
132 KB
2 taboola.com
trc.taboola.com
match.taboola.com
529 B
2 mxptint.net
pmp.mxptint.net
965 B
2 avct.cloud
ads.avct.cloud
894 B
2 simpli.fi
um.simpli.fi
1 KB
2 owneriq.net
px.owneriq.net
476 B
2 1rx.io
sync.1rx.io
741 B
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com
573 B
2 w55c.net
pm.w55c.net
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 mathtag.com
sync.mathtag.com
1 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 516
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 888
956 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 543
554 B
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 536
idsync.rlcdn.com
44 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 566
602 B
2 bing.com
c.bing.com — Cisco Umbrella Rank: 205
879 B
2 digitaloceanspaces.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 8537
10 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6250
adservice.google.de — Cisco Umbrella Rank: 8752
1 KB
2 tru.am
tru.am — Cisco Umbrella Rank: 5636
12 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2537
p1.parsely.com — Cisco Umbrella Rank: 2020
24 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 133
83 KB
2 media.net
hbx.media.net — Cisco Umbrella Rank: 1053
hblg.media.net — Cisco Umbrella Rank: 1478
131 KB
2 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 465
8 KB
1 bidtheatre.com
match.adsby.bidtheatre.com
534 B
1 playground.xyz
ads.playground.xyz
466 B
1 agkn.com
aa.agkn.com
350 B
1 iprom.net
core.iprom.net
277 B
1 loopme.me
csync.loopme.me
217 B
1 resetdigital.co
sync.resetdigital.co
485 B
1 sitescout.com
pixel-sync.sitescout.com
191 B
1 adentifi.com
rtb.adentifi.com
47 B
1 quantserve.com
pixel.quantserve.com
538 B
1 ipredictive.com
sync.ipredictive.com
522 B
1 turn.com
ad.turn.com
518 B
1 acuityplatform.com
ums.acuityplatform.com
674 B
1 stackadapt.com
sync.srv.stackadapt.com
615 B
1 deepintent.com
match.deepintent.com
44 B
1 adgrx.com
cm.adgrx.com
408 B
1 criteo.com
dis.criteo.com
363 B
1 b-cdn.net
cheqzone.b-cdn.net — Cisco Umbrella Rank: 41569
5 KB
1 aswpsdkus.com
aswpsdkus.com — Cisco Umbrella Rank: 5502
38 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 55
42 KB
1 scrippsdigital.com
assets.scrippsdigital.com — Cisco Umbrella Rank: 35120
4 KB
0 semasio.net Failed
uipglob.semasio.net Failed
0 crwdcntrl.net Failed
sync.crwdcntrl.net Failed
0 inmobi.com Failed
mweb.ck.inmobi.com Failed
0 truffle.bid Failed
matching.truffle.bid Failed
0 appier.net Failed
gocm.c.appier.net Failed
0 bnmla.com Failed
match.bnmla.com Failed
431 90
Domain Requested by
52 s0.2mdn.net imasdk.googleapis.com
www.fox13now.com
s0.2mdn.net
31 pagead2.googlesyndication.com www.fox13now.com
srcdoc
a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
www.googletagservices.com
21 cm.g.doubleclick.net 12 redirects googleads.g.doubleclick.net
eb2.3lift.com
21 tpc.googlesyndication.com www.fox13now.com
a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
17 simage2.pubmatic.com 2 redirects ads.pubmatic.com
12 eb2.3lift.com 6 redirects ads.rubiconproject.com
eb2.3lift.com
12 e.serverbid.com 2 redirects ads.rubiconproject.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
ads.pubmatic.com
11 ib.adnxs.com 4 redirects ads.rubiconproject.com
googleads.g.doubleclick.net
acdn.adnxs.com
10 vid.connatix.com cd.connatix.com
www.fox13now.com
7 s.amazon-adsystem.com 4 redirects eb2.3lift.com
7 googleads.g.doubleclick.net www.fox13now.com
a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
7 capi-tier-1-us-east-2.connatix.com cd.connatix.com
7 www.google.com 1 redirects www.fox13now.com
a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
tpc.googlesyndication.com
7 securepubads.g.doubleclick.net www.fox13now.com
securepubads.g.doubleclick.net
cd.connatix.com
6 eus.rubiconproject.com ads.rubiconproject.com
eus.rubiconproject.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
6 googleads4.g.doubleclick.net www.fox13now.com
6 img.connatix.com www.fox13now.com
6 c.amazon-adsystem.com www.fox13now.com
c.amazon-adsystem.com
6 ewscripps.brightspotcdn.com www.fox13now.com
6 www.fox13now.com www.fox13now.com
ewscripps.brightspotcdn.com
5 x.bidswitch.net 3 redirects eb2.3lift.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 log.outbrainimg.com widgets.outbrain.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.fox13now.com
5 widgets.outbrain.com www.fox13now.com
widgets.outbrain.com
5 use.typekit.net www.fox13now.com
use.typekit.net
4 image2.pubmatic.com ads.pubmatic.com
4 pixel.advertising.com 4 redirects
4 token.rubiconproject.com 4 redirects
4 match.adsrvr.org eb2.3lift.com
ads.pubmatic.com
4 acdn.adnxs.com ads.rubiconproject.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
4 sync.teads.tv googleads.g.doubleclick.net
4 us-u.openx.net googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 prebid-a.rubiconproject.com ads.rubiconproject.com
4 a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 imasdk.googleapis.com cd.connatix.com
imasdk.googleapis.com
4 g2.gumgum.com ads.rubiconproject.com
4 analyticssystems.net www.fox13now.com
a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
4 d3plfjw9uod7ab.cloudfront.net www.fox13now.com
a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
3 match.prod.bidr.io 2 redirects ads.pubmatic.com
3 c1.adform.net 2 redirects ads.pubmatic.com
3 secure.adnxs.com 1 redirects acdn.adnxs.com
3 ups.analytics.yahoo.com 3 redirects
3 ads.pubmatic.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
ads.pubmatic.com
3 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
3 px.ads.linkedin.com eb2.3lift.com
3 sync-tm.everesttech.net 3 redirects
3 www.googletagservices.com a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
3 stats.g.doubleclick.net www.google-analytics.com
3 ssc.33across.com ads.rubiconproject.com
3 c2shb.ssp.yahoo.com ads.rubiconproject.com
3 sb.scorecardresearch.com 1 redirects www.fox13now.com
3 cds.connatix.com www.fox13now.com
cd.connatix.com
3 use.fontawesome.com www.fox13now.com
use.fontawesome.com
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 ads.avct.cloud 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 px.owneriq.net 1 redirects ads.pubmatic.com
2 sync.1rx.io 2 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 sync.mathtag.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 p.adsymptotic.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2 sync.go.sonobi.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2 ap.lijit.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2 ssum-sec.casalemedia.com 2 redirects
2 rtb.openx.net serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2 secure-assets.rubiconproject.com 2 redirects
2 pixel.rubiconproject.com 1 redirects
2 b1sync.zemanta.com 2 redirects
2 c.bing.com eb2.3lift.com
2 u.openx.net ads.rubiconproject.com
2 serverbid-sync.nyc3.cdn.digitaloceanspaces.com ads.rubiconproject.com
2 sync.serverbid.com 2 redirects
2 tpsc-eu3.doubleverify.com cdn.doubleverify.com
2 cdn.doubleverify.com a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
www.fox13now.com
2 fastlane.rubiconproject.com ads.rubiconproject.com
2 web.hb.ad.cpe.dotomi.com ads.rubiconproject.com
2 tlx.3lift.com ads.rubiconproject.com
2 ewscripps-d.openx.net ads.rubiconproject.com
2 obs.cheqzone.com ob.cheqzone.com
www.fox13now.com
2 tru.am www.googletagmanager.com
tru.am
2 api.ewscloud.com ewscripps.brightspotcdn.com
2 connect.facebook.net www.fox13now.com
connect.facebook.net
2 cdn.cookielaw.org www.fox13now.com
cdn.cookielaw.org
1 rtb.gumgum.com
1 match.adsby.bidtheatre.com 1 redirects
1 ads.playground.xyz 1 redirects
1 aa.agkn.com
1 core.iprom.net ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 sync.resetdigital.co 1 redirects
1 pixel-sync.sitescout.com ads.pubmatic.com
1 rtb.adentifi.com ads.pubmatic.com
1 pixel.quantserve.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 idsync.rlcdn.com ads.pubmatic.com
1 ums.acuityplatform.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 id.rlcdn.com
1 ads.yahoo.com
1 usersync.gumgum.com ads.rubiconproject.com
1 ssc-cms.33across.com ads.rubiconproject.com
1 ade.googlesyndication.com
1 r4---sn-4g5ednsr.c.2mdn.net
1 gcdn.2mdn.net 1 redirects
1 tps.doubleverify.com cdn.doubleverify.com
1 ad.doubleclick.net a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
1 mv.outbrain.com widgets.outbrain.com
1 images.outbrainimg.com www.fox13now.com
1 mcdp-nydc1.outbrain.com widgets.outbrain.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 cheqzone.b-cdn.net ob.cheqzone.com
1 www.google.de www.fox13now.com
1 ins.connatix.com cd.connatix.com
1 lit.connatix.com cd.connatix.com
1 odb.outbrain.com widgets.outbrain.com
1 capi.connatix.com cd.connatix.com
1 static.ewscloud.com www.fox13now.com
1 p1.parsely.com www.fox13now.com
1 ob.cheqzone.com widgets.outbrain.com
1 hblg.media.net www.fox13now.com
1 widget-pixels.outbrain.com www.fox13now.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 cd.connatix.com 1 redirects
1 cdn.parsely.com www.fox13now.com
1 aswpsdkus.com www.fox13now.com
1 p.typekit.net use.typekit.net
1 ads.rubiconproject.com www.fox13now.com
1 hbx.media.net www.fox13now.com
1 www.googletagmanager.com www.fox13now.com
1 assets.scrippsdigital.com www.fox13now.com
0 uipglob.semasio.net Failed
0 aud.pubmatic.com Failed
0 sync.crwdcntrl.net Failed
0 mweb.ck.inmobi.com Failed ads.pubmatic.com
0 matching.truffle.bid Failed ads.pubmatic.com
0 gocm.c.appier.net Failed ads.pubmatic.com
0 match.bnmla.com Failed ads.pubmatic.com
431 153
Subject Issuer Validity Valid
*.scrippsnationalnews.com
Amazon		 2022-02-17 -
2023-03-18		 a year crt.sh
ewscripps.brightspotcdn.com
Amazon		 2022-04-30 -
2023-05-29		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2022-05-01 -
2023-05-01		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-07 -
2023-04-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.scrippsdigital.com
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.analyticssystems.net
E1		 2022-04-05 -
2022-07-04		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-02-08 -
2022-05-09		 3 months crt.sh
aswpsdkus.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-20 -
2023-02-20		 a year crt.sh
*.parsely.com
Amazon		 2021-07-05 -
2022-08-03		 a year crt.sh
*.ewscloud.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-19 -
2022-09-19		 a year crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.cheqzone.com
Amazon		 2022-01-22 -
2023-02-20		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2021-08-20 -
2022-09-21		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
e.serverbid.com
R3		 2022-04-13 -
2022-07-12		 3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-07-13 -
2022-06-25		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2022-03-22 -
2022-06-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2021-11-07 -
2022-11-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-12-23 -
2022-12-23		 a year crt.sh
teads.tv
R3		 2022-03-23 -
2022-06-21		 3 months crt.sh
*.nyc3.cdn.digitaloceanspaces.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-18 -
2023-05-03		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2022-03-28 -
2022-09-28		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-03-16 -
2022-09-16		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-04-12		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
*.owneriq.net
GeoTrust RSA CA 2018		 2021-12-05 -
2022-12-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.iprom.net
R3		 2022-03-24 -
2022-06-22		 3 months crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh

This page contains 69 frames:

Primary Page: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Frame ID: 1B69628BDAF42FC7CE6D94A7A910B69A
Requests: 129 HTTP requests in this frame

Frame: https://cds.connatix.com/p/160259/connatix.playspace.dc.js
Frame ID: 918642B9A1AA24E63F9F196771A8BF78
Requests: 15 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Frame ID: 027FC94D4448EDC10EE7F2DFB6B1B078
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Frame ID: BAFF7D747FA360FF261BB08886725F67
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Frame ID: 617583DAF0670837DE9BC7ED82D0B320
Requests: 1 HTTP requests in this frame

Frame: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2DC83A920A6031CE8A8D25639245D80E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: C3A75408D8087D676C2F638A084ADB49
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 94FD3F2EE20CDA47430CD550152AC1F5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6A243EFF26F8D0085B17C6F732C6700E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 5068FD3CCD78A4790D426A49C4D94EEB
Requests: 12 HTTP requests in this frame

Frame: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D9E761DA6511F09397ACFE194988D4CE
Requests: 21 HTTP requests in this frame

Frame: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AE504E9ACE7690E339388A05DA57BC2B
Requests: 18 HTTP requests in this frame

Frame: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 665510E44204B609CD5AAE628D276F1F
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhChpIcCGIq5mccBMAE&v=APEucNUYkcEqzNqmhA6NhhfXCfxC7-kpz4fw5A6C01Z2z4CGtYgg6I7MpEaMvjfc3Ud6wtYtM5egTuhKOnCtvQoJgMBdaej0GVU96yT3PTm9F2ZERmy8e9Z3NPU7l8Bn7-3KnS7IaqxrxkE8P_gPjyNTQlQe9C58DstvuqM9jYY_bQAzBLpJVq8
Frame ID: 0DF7D249394003F466D5DB0ED9B1D694
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGPH-0rUBMAE&v=APEucNWnHCM_vCfIvjzXPx5kiQkwoqQs-nkwZvajYf5tXS80OFDcfXODxnaZNF9az5c3W8Gfy0oRZmYRMQaTlTjsw2QhN5vDFmPUBfK231MPp0kI4Co1RcwwB7mA0l71D-iS-QNqY0Dc8wQ2afId21joszSdkUvHo7OhUWUGWjhZQUfA5PHKJyY
Frame ID: 0706605988D59726DB505DF506D94AA8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGPz90rUBMAE&v=APEucNWdOGeasM5Uuf8MAbbiKX6VeaHrRkUvnI7Zz_JLXxyk3FWPRAyWqzvBX_E0GvBZ6ifUAobOaVbtIYthBxKZahDd1ixyv84EFfOQx6X2FycbSom_oDX1b6yuovm7mA_G0SrBWNKD1KwpQb-lwlhi6fvyPI1BNB5IWlly7z9b4jGp55EM668
Frame ID: 1FCCEC1864146CC916FC6ECAD99507EA
Requests: 5 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2678.js
Frame ID: 4AAEEEB998A833A0CC5E438BED207555
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6115741928127463424/DE/index.html?e=69&leftOffset=0&topOffset=0&c=DmDh6tSodU&t=1&renderingType=2
Frame ID: DD5F5C5092EB334C999854B600235679
Requests: 21 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=dHup4iPFus&t=1&renderingType=2
Frame ID: 3073B7CE529E57099B8F9D89D061C2ED
Requests: 22 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3875675003022213120/index.html?e=69&leftOffset=0&topOffset=0&c=McmFizFeY9&t=1&renderingType=2
Frame ID: 4BA554AA0F74762AD042B13F78C8A519
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 040F73291BB02779BEC96C2929ADABC0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EAEBC16E2386EFE287B87CB4CA27523E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7BEA99528186DE7DD5C3B31494B8AE43
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5E9CE62E59A3D2AFFCCFC9C1DC7412DD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 57A719395BAB15A2C7E6D3C1AF394FD7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js
Frame ID: 36072EE4CC67A6D2DB39FFE074F3587C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js
Frame ID: DB0B15C51EC9A80C09A0F2A30578BCDD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js
Frame ID: DDD5DF6127B3C3677BA753A995AAE182
Requests: 1 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Frame ID: 5C69D7D7CCB6616FE23AED66F5C17816
Requests: 8 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 7A1E1F5EA3780C4FB9BDC78E0C828190
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AC80E314D5520AC25F8D0AC13ED8A894
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 9C218C8C9366791122EEE420E8678AD3
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 3CFE1BE7A6B2A6800DC175BE339E620F
Requests: 11 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Frame ID: F929A44278B0E94D6BD1826D40ABA0DB
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B81CE3ECCE5A02B2F99E9BA613DEB9CF
Requests: 3 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bgZdFqByur67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 938C983AC146F646C9A99190E2008C98
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 6013CE0715FA626496D4B8AEFE9D7571
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 90F62EE9F37FBEAEE5AA30B3554F3777
Requests: 10 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Ym9c_QAYz_k7IAAy&gdpr=1&gdpr_consent=&_test=Ym9c_QAYz_k7IAAy
Frame ID: B51176F5DD3CC24858D702FDAA301374
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: 51C2EDCE82BF90BCC49B625EBE07661F
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Frame ID: AA0B086EFF17540CAB25D387C337777A
Requests: 22 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 448D9EF0E6C70EEC94AFBD96F34BE4EB
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: 5DEC5F802E8BD5F9C9EB21DBCAC2DC2F
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Frame ID: C8A8378A9E4FE4BCA0FA1A89AC55C496
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: CF84B7CBCAFF3E0E294541E30C13279A
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A
Frame ID: 248691504EC8D7B89571C502E308A8C0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ym9c_QAYz_k7IAAy&gdpr=0&gdpr_consent=
Frame ID: 6694CAF22E206DA50FB3FF4307D90581
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4258626f-5cfc-4400-a1ea-03b44ace646e&gdpr=0&gdpr_consent=
Frame ID: E55D28989537A0AD6E45ED1ADD97B6F5
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: F902BECDCE55D4E5B7B409BFE8497D47
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 56C2F2F42B3E17935E6AA6DBB8F401CF
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: A7365BF7F27EA89053BBBF0EFC1F3EE5
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 3D1F83CD7139C3BD1ABD0A0732A44123
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Fidn7SkuSxtSvuZwHVPEBiU6OvY
Frame ID: 268DBA69B89E689ED43D74C7BC8B1A88
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 24DA98E8D46747D015EBA1BC48EA38FF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0XBMYQJd1NLnBN5&gdpr=0&gdpr_consent=
Frame ID: 21A44FB1FB2173C7F791FBD59AC2CE57
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A
Frame ID: 34DC705105E9AD662E4DFD534CB0DE9D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=666827565845
Frame ID: 180E0D8CDE529ADEE40DF462B2379BBB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: A53544E9F5E8BA0D9CB876E18C0E8D53
Requests: 1 HTTP requests in this frame

Frame: https://px.owneriq.net/noop?ct=image%2Fgif
Frame ID: 676B59AEA68B357683FBC9D7296422F9
Requests: 1 HTTP requests in this frame

Frame: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A
Frame ID: 230936D46D37EF3FD2CB6437F5C7D602
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=0d69f59d-c626-4e23-a8f9-27472c545ae9-tuct968e27d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 07F080307CA1FC1D6B31A448A9E7C845
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 1BC1C76E0DF2A3DC180C2EFA26A4E11D
Requests: 1 HTTP requests in this frame

Frame: https://gocm.c.appier.net/pubmatic
Frame ID: 0DB7DFF04E0140DE108005544BE16DC4
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 50A79EFBF7EBB1806E057A0473FCB592
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 93E8E8EA34E4CDFCD5CF236691D0E227
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 220D2D47544FFB99371EDA861C095212
Requests: 1 HTTP requests in this frame

Frame: https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
Frame ID: A89C4D36EE628F808CE91E78DDC944D9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:07EF5973657A47F18676EC61408A95CB
Frame ID: 64261EBF1E80CB431846C65BBA9BDD65
Requests: 1 HTTP requests in this frame

Frame: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A
Frame ID: 8AA3C4796C9EAA7EFFCEED79894B551D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Billionaire Utahn to give away 90% of his wealth

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

431
Requests

86 %
HTTPS

31 %
IPv6

90
Domains

153
Subdomains

107
IPs

10
Countries

8516 kB
Transfer

21927 kB
Size

45
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/160259/connatix.playspace.dc.js
Request Chain 54
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1651465459245&ns_c=UTF-8&cv=3.5&c8=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&c7=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1651465459245&ns_c=UTF-8&cv=3.5&c8=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&c7=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&c9=
Request Chain 158
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 190
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKM8WR2VaICYw9pmsbWvZo&google_cver=1
Request Chain 191
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ym9c9hkFj-qPLj-uiMyvHgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKM8WR2VaICYw9pmsbWvZo&google_cver=1
Request Chain 192
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFc3BjWNPiEC33Cl1SMUFyk&google_cver=1
Request Chain 193
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ5NjUyNzYyMTU3NTE1NDQ4
Request Chain 201
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDjrmuJbYmL320JGeYKttfo&google_cver=1
Request Chain 203
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEEVFUlwBPOckeBqZtWG3MFc&google_cver=1
Request Chain 205
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDjrmuJbYmL320JGeYKttfo&google_cver=1
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEEVFUlwBPOckeBqZtWG3MFc&google_cver=1
Request Chain 279
  • https://gcdn.2mdn.net/videoplayback/id/487a3284e53e151a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3793254689/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/56601C0C6ACEA5774DC9B315DB42D1FF3CFDC8DB.70233ABA7FF8BA2079DF2162A1A4EE313D4CF7C9/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-4g5ednsr.c.2mdn.net/videoplayback/id/487a3284e53e151a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3793254689/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5505D644686C010EDD18812C17DC1423CFC47BA4.1631E51A1979322032BD04E3E98F17D3C559DF37/key/cms1/cms_redirect/yes/mh/SF/mip/2a00:c98:2030:a004:1::9/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1651463861/mv/u/mvi/4/pl/59/file/file.mp4
Request Chain 305
  • https://sync.serverbid.com/ss/2000248.html HTTP 302
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Request Chain 309
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 310
  • https://sync.serverbid.com/ss/2000248.html HTTP 302
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Request Chain 313
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 315
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=Ym9c_QAYz_k7IAAy HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Ym9c_QAYz_k7IAAy&gdpr=1&gdpr_consent=&_test=Ym9c_QAYz_k7IAAy
Request Chain 317
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM3Mjk0MTU1NzM4MTY3MDYxOTE5Nw%3D%3D
Request Chain 319
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM3Mjk0MTU1NzM4MTY3MDYxOTE5Nw%3D%3D
Request Chain 321
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4311888684089713943982?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-mWW8fyNE2oTvU1_niVxk42AKX5YpX3IeG.f0x6zT6w--~A&dongle=0883
Request Chain 324
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4311888684089713943982 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4311888684089713943982&dcc=t
Request Chain 325
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 327
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM3Mjk0MTU1NzM4MTY3MDYxOTE5Nw%3D%3D
Request Chain 329
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM3Mjk0MTU1NzM4MTY3MDYxOTE5Nw%3D%3D
Request Chain 331
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2372941557381670619197?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-eltfhHNE2oSnUcZ8wrNItDVW.qfxNhbeeQPP2ffBfg--~A&dongle=0883
Request Chain 334
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2372941557381670619197 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2372941557381670619197&dcc=t
Request Chain 335
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 339
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=CSGIP6qkTESndtFRxKR0FQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=CSGIP6qkTESndtFRxKR0FQ
Request Chain 341
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L2O7W8GK-1V-22HO
Request Chain 342
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L2O7W8GK-1V-22HO&sigv=1&esig=2~f1b9be71474d3109568217ec0527e803e43c7c51
Request Chain 343
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKWr0j1WzGZzLecnil1UFrg&google_cver=1
Request Chain 344
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJPN1c4R0stMVYtMjJITw==
Request Chain 346
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjYyMTVkMDAzODZmZTgwOGZmM2RiZWE3ODZlOWRiYTNmYjczNjM1Yg
Request Chain 347
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Request Chain 351
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=849652762157515448
Request Chain 352
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPc023d64f-c9cf-11ec-bd34-02087eb080fc HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPc023d64f-c9cf-11ec-bd34-02087eb080fc
Request Chain 353
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=Ym9c9hkFj-qPLj-uiMyvHgAA%261150
Request Chain 356
  • https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.8102903506927719%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid= HTTP 302
  • https://p.adsymptotic.com/d/px/ue1-sb1-8da5aafb-c93f-438a-8856-7f8d35454ce9
Request Chain 358
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=849652762157515448
Request Chain 359
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPc023d64f-c9cf-11ec-bd34-02087eb080fc HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPc023d64f-c9cf-11ec-bd34-02087eb080fc
Request Chain 360
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=Ym9c9hkFj-qPLj-uiMyvHgAA%261150
Request Chain 363
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Request Chain 366
  • https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.8869185467752052%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid= HTTP 302
  • https://p.adsymptotic.com/d/px/ue1-sb1-8da5aafb-c93f-438a-8856-7f8d35454ce9
Request Chain 380
  • https://c1.adform.net/serving/cookie/match?party=14&cid=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A
Request Chain 381
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ym9c_QAYz_k7IAAy&gdpr=0&gdpr_consent=
Request Chain 382
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4258626f-5cfc-4400-a1ea-03b44ace646e&gdpr=0&gdpr_consent=
Request Chain 383
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCS0drN0Uzcm9BQURzMm1aN2JrUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 387
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Fidn7SkuSxtSvuZwHVPEBiU6OvY
Request Chain 388
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 389
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0XBMYQJd1NLnBN5&gdpr=0&gdpr_consent=
Request Chain 390
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=6df921bd-3799-492a-a25b-7f8cee8bdc04&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A
Request Chain 391
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=666827565845
Request Chain 392
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1651465467942 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Request Chain 393
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 395
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4OnbnacqQ5u2nPPwwO2rCg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 397
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d5ea626f-5cfc-4500-bce8-a05959c513e2
Request Chain 398
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTBFOURCOUQtQTcyQS00MzlCLUI2OUMtRjNGMEMwRURBQjBB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 399
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIRIRjR9iuppK56Im3rx7EM&google_cver=1
Request Chain 401
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4103765030608565843&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 404
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1HSvhftE2uUtujet5N8IK8RgyhVYrm0-~A&gdpr=0&gdpr_consent=
Request Chain 406
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=c1905e94-c9cf-11ec-999f-fd224d246e20&gdpr=0&gdpr_consent=
Request Chain 407
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=v6TCvrz1krqk88Ds7aDZ7733lu2kpMe-6qNnOh3R
Request Chain 408
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=849652762157515448&gdpr=0&gdpr_consent=
Request Chain 409
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=4eb98a78-f1ac-47b0-ab62-ab41f34ef3ae&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=075a5684-9ade-45fe-af23-00441f6805d5&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 411
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D531_EF39E735_6C77B5F3&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 413
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2757220421956868072
Request Chain 414
  • https://sync.resetdigital.co:10001/csync/pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000AB6F0A3D75
Request Chain 419
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=0d69f59d-c626-4e23-a8f9-27472c545ae9-tuct968e27d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 423
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 426
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:07EF5973657A47F18676EC61408A95CB
Request Chain 428
  • https://pixel.onaudience.com/?partner=214&mapped=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=7f0d5f135946cc0a/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Request Chain 429
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A&addseg=19,36,42
Request Chain 432
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=849652762157515448
Request Chain 433
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:0c80e606-3fab-4346-9c38-2c2aaa56109a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

431 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request billionaire-utahn-to-give-away-90-of-his-wealth
www.fox13now.com/news/local-news/ 		242 KB
65 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-32.fra50.r.cloudfront.net
Software
N/A / Brightspot
Resource Hash
1b100b2e9f3016d39e6f5fc04026380518f730433d1261e6dbb8f6f673c27cb1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
155
Cache-Control
max-age=240
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Mon, 02 May 2022 04:21:44 GMT
Server
N/A
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
X-Amz-Cf-Id
ctSMbrEpFU-SYcZAS9RIAy5Ngpa28QBl6MBm1Geq85CMZTE4uURKKA==
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Hit from cloudfront
X-Powered-By
Brightspot
All.min.400ae66ae5954cba88bc75403510e15b.gz.css
ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/ 		116 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/All.min.400ae66ae5954cba88bc75403510e15b.gz.css
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.254.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-254-32.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2bcbc2fead65db06dc805d3ec92e0f95cc32e4d82c1d7f9e2d4bd5ffc7b35984

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 07 Apr 2022 18:35:01 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 07 Apr 2022 18:35:00 GMT
Server
AmazonS3
Age
2108959
ETag
"f3fd787dc8639d9cb2a7d176b5c65497"
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Content-Length
21563
X-Amz-Cf-Id
uC24MT45gIgvfVjN_A1BoTRzHROF9G1Iqh614ny24Pf3CqfH-r6edw==
6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
d3plfjw9uod7ab.cloudfront.net/ 		116 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4a00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1da4e7292411fa7401ad333d28c2e5bd20dbe89f3ba0428d57d44c48879293f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
B3kn63TQS6kT.ZlvMtLEVysJoRuRl8uN
content-encoding
br
last-modified
Sat, 30 Apr 2022 03:09:32 GMT
server
AmazonS3
age
2945
etag
W/"d8a90e7fca1529654d71205b6c387460"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
cache-control
max-age=3600, public
date
Mon, 02 May 2022 03:36:28 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
K_tZopwcdxLuHcDj2IiVrhS4xB9KXTMgXCQxqrbSF1Jw85Vu8SwApg==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5699a9f1ae7a130fcd36591551ae1443606804654acae67173e1c9dda43848b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 02 May 2022 04:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
g2v9xMx/aUUS06TIQnKQZA==
age
2349
vary
Accept-Encoding
content-length
6830
x-ms-lease-status
unlocked
last-modified
Mon, 02 May 2022 02:31:38 GMT
server
cloudflare
etag
0x8DA2BE3E26D8463
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
618e89f2-301e-00d6-72ce-5d933c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
704dfc8f795190d4-FRA
tsu4adm.css
use.typekit.net/ 		21 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/tsu4adm.css
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
44184c16fd72e51859e402906cfc8eb5cc13161916b42cf46e416bc9e3fe9850
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Mon, 02 May 2022 04:24:19 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1740
all.css
use.fontawesome.com/releases/v5.1.0/css/ 		45 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Referer
https://www.fox13now.com/
Origin
https://www.fox13now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:19 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8370596
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
DATDK6GE0M6SF5CS
x-amz-id-2
vSdqg4h3pAZqz7nL6cPevVcCWTj6X2bDQOM9YVaqEso7rJJeqtzPCsqvTOrFCSt6q0N8TZyMusU=
last-modified
Wed, 30 Jun 2021 15:30:31 GMT
server
cloudflare
etag
W/"826c57385f3d35cfed5478ba7b1f5c03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kFsQwyLA1bq7mQKVnmpk0Ig%2BQ2J7roHL2RLQjnWCcSk8ZKEogNjNlfQbBqwFljlXZKABlwFq3fP%2FOlA%2BQSUeGgHMRmrWuVXIssRxYlMGbbdybi1tkhkreld58YtvzQjx06dkHZmvBt%2B8OnTKmNMyl0SA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
704dfc8f8bf99bf4-FRA
/
ewscripps.brightspotcdn.com/dims4/default/eead90a/2147483647/strip/true/crop/600x274+0+0/resize/400x183!/quality/90/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/eead90a/2147483647/strip/true/crop/600x274+0+0/resize/400x183!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F00%2F9e%2F66505c3f463b98e45a6637d3fcea%2Fkstu-main-logo.png
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.254.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-254-32.fra6.r.cloudfront.net
Software
Apache /
Resource Hash
d46651a0642c39afc570af89ad0b4373250d4002c05e92282aab4b289c4771d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 25 Mar 2022 01:16:59 GMT
Via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
3294439
ETag
5530a8138966797a635819cda27dfa7c
X-Cache
Hit from cloudfront
Content-Type
image/png
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA6-C1
X-Robots-Tag
nofollow
Content-Length
23926
X-Amz-Cf-Id
PIWVHMUT69Iqt_XF8zB5XvygpF5xbT91eSE61igOiqHuc4dX4MCdlA==
Expires
Sat, 25 Mar 2023 01:16:59 GMT
Blank.gif
www.fox13now.com/styleguide/assets/ 		57 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fox13now.com/styleguide/assets/Blank.gif
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-32.fra50.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 29 Jul 2021 11:57:42 GMT
Via
1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache-Coyote/1.1
Age
23905597
X-Cache
Hit from cloudfront
Content-Type
image/gif;charset=UTF-8
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA50-C1
Content-Length
57
X-Amz-Cf-Id
0WDeGbRorHUztLhaK7v0EyuY_osSX59r1x2ngMoLYOkmrRJrmUhAqw==
outbrain.js
widgets.outbrain.com/ 		199 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.29.173 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-173.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d13435a48b794b66ebaada6ee378b52822f77c1fd83f3ab71643c2332106e8dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:19 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 16:17:55 GMT
etag
"16-keGzKtGrcfZ9cEAFiM57G5VQ+rg"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
8e9eb09047ccd143a4b62af3c2052286
timing-allow-origin
*, *
content-length
70100
logo-scripps.png
assets.scrippsdigital.com/cms/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.scrippsdigital.com/cms/images/logo-scripps.png
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.201.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-102.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
8lNexGmb6tKD4SPVOeXslwnzBtFWYJoV
Via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Oct 2017 14:04:11 GMT
Server
AmazonS3
Age
79314
ETag
"f46791d665054bf21da09492d448e1d2"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Date
Sun, 01 May 2022 06:22:26 GMT
x-amz-replication-status
COMPLETED
X-Amz-Cf-Pop
FRA53-C1
Accept-Ranges
bytes
Content-Length
3532
X-Amz-Cf-Id
kRnmZ_WTi6zQqRGZsn7cj7dRxdwoluWVHzOz2aPzUqJ595X1UArrjQ==
All.min.588be872fd3b5e794fefa37e9cd66da1.gz.js
ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/ 		428 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/All.min.588be872fd3b5e794fefa37e9cd66da1.gz.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.254.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-254-32.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0f18a3c3952280b727ecdf5f62fb2b4754367e287f06e9b3b586f2c07146754

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 07 Apr 2022 18:35:01 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 07 Apr 2022 18:35:00 GMT
Server
AmazonS3
Age
2108959
ETag
"1b54b00f494965bf27395d87a776043c"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Content-Length
101167
X-Amz-Cf-Id
OYBjR5KpulHnsK4IIFE7DklkSQf64M2Tt-kkTamxvpXpEFDKAlRhZw==
gtm.js
www.googletagmanager.com/ 		134 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5QBX3CF
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2b5a8378fa4a6696a5b7131e18fd83403e68fd878cb6d3642d6c9ff36d3ac711
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:19 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42102
x-xss-protection
0
last-modified
Mon, 02 May 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 02 May 2022 04:24:19 GMT
6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/client/impression/ 		0
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/client/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=392470
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjK3n8NOqgxaHcPSH764h47WQ68jUskdL9QF5JOSXcpeGZcOknB8K1%2Bf6cBQKvS5ksIPgZDtAkqYYAkS6%2Fgdc8QW37mVMIKuncf%2FlzoIVh59WFXeuGPGn6Jmyb28bdkgFqoMRkOINFtE87ojIMyj%2FVP9oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
704dfc90b8879162-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FusvFeCKOsOiKw4Ae6yi
000000.json
cdn.cookielaw.org/consent/000000/ 		215 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/000000/000000.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b047e312dbbff7235fbfd3ae334d7a6d0b8fe625a58c8dfa5b04d3af72998555
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
vary
Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
9d7d21c6-a01e-015f-65dc-5d6c4d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
704dfc900bf79274-FRA
expires
Mon, 02 May 2022 08:24:19 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:11:58 GMT
content-encoding
gzip
age
740
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
1XKGV6DC408T8TQQ94M5
etag
4abd427e43cd6822329a2c05539e321f
vary
Accept-Encoding
x-amz-version-id
6RTeJ.t3xDSJXjTxhAMtPfr9IcIsozAE
via
1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
2g9THAVPViu2ySnv59tB_f2bQoLE_IqRUHLpXbq9zQd9vM6mT2VDLw==
bidexchange.js
hbx.media.net/ 		599 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/bidexchange.js?cid=8CU6Q6626&version=5.1&dn=www.fox13now.com
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b4ea417d25ba03b67108c17eae4ba812f6fd99993818b43dc1b6486c8f34ce2e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Mon, 02 May 2022 04:24:19 GMT
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
timing-allow-origin
*
expires
Mon, 02 May 2022 04:54:19 GMT
5776_Scripps_Local_Stations.js
ads.rubiconproject.com/prebid/ 		592 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ca4fd5efb0d1a70284709d6dde51a8477a28115b5c8a453aafcaf394bd1b5fbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:19 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 21:09:15 GMT
server
Apache
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3814
access-control-allow-credentials
true
accept-ranges
bytes
content-length
117459
expires
Mon, 02 May 2022 05:27:53 GMT
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=tsu4adm&ht=tk&f=137.138.139.140.169.170.171.172.175.176.141.142.143.144.147.148.151.152.153.154.155.156.157.160.161.162.165.166.167.168&a=15199297&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e01c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:19 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
53f42d8773220c4a4e090c0238f131cf911055b50bac69a3a27cfb93f69b7a1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
bHhJ8O28uQvF/S9c9JJk6A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
WTUR1bRR4SDaelmWbtEu7mKs5UKfh0chBNuwISXoBWCeFeSuXjuzar4jo/7ETut95p38cscXQevuduaLf2EnnA==
x-fb-trip-id
686109401
x-fb-content-md5
d1bc9df4956e91410d64e91cfb8f355f
x-frame-options
DENY
date
Mon, 02 May 2022 04:24:19 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"9295470531f1ea49eed729792d8bbd9c"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 02 May 2022 04:44:01 GMT
ua-sdk.min.js
aswpsdkus.com/notify/v1/ 		212 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aswpsdkus.com/notify/v1/ua-sdk.min.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.208.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
151.208.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5343d295e7697987c6607001f3bb6d9bf54cfc6db5a77dce8b27dc5e9870066e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:23:48 GMT
content-encoding
gzip
age
31
x-guploader-uploadid
ADPycdstZr7isx5PKNdNziQiGl0qD1YdNXJukD9Uww6IBOZw7Ra2709Uot4SC9gnNiFI1kb_9_kSl6SvY6RzxzzCmh0vRA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38303
last-modified
Thu, 31 Mar 2022 16:15:43 GMT
server
UploadServer
etag
"6d60fd0a8328ab90723334e067d116d8"
x-goog-hash
crc32c=HIlLng==, md5=bWD9CoMoq5ByMzTgZ9EW2A==
x-goog-generation
1648743343088826
cache-control
public,max-age=300,no-transform
x-goog-stored-content-length
38303
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 02 May 2022 04:28:48 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

Referer
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin
https://www.fox13now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:19 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5398505
cf-ray
704dfc907ce79bf4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
59572
x-amz-id-2
ns4nZXtKI8TjfxeHEIDjv9b9nhjc05XDFc51BC/gRAyYkVGj6nHb+oqJzGx+CmYVCN/jO7DISGU=
last-modified
Wed, 30 Jun 2021 15:30:49 GMT
server
cloudflare
etag
"18d2347ab2a9f40ca2247cdb03303d84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=olpA6RwKZAzZb1iw1%2Fth728F4jEgc9c42EZANYUKXLPWh1w%2FcBz9tFldikd1PX3kdS3RBArBTk74bBZghZmhDpgseU3cRgF%2Bguh30r32RQIrCeKEL%2BpQYNWq%2BtyZ8JTFENLHTT%2FoSTYZZ4gOveW1tIxK"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
57GNW1G99JA6YNCM
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b4096925f34c85d0c0e934ad77c44165dcd66fecc354c153784d246f00911da5

Request headers

Referer
https://use.typekit.net/tsu4adm.css
Origin
https://www.fox13now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:19 GMT
server
nginx
etag
"ef52ad3657e4d4a42c21db6c00d5c7ccc649bc94"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16560
l
use.typekit.net/af/8738d8/00000000000000007735e611/30/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/8738d8/00000000000000007735e611/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n8&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
5d8f24de649d274c051960845b51a0407362d6b4c80de23985e648d3378708f5

Request headers

Referer
https://use.typekit.net/tsu4adm.css
Origin
https://www.fox13now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:19 GMT
server
nginx
etag
"a5565f97e4389f39e94f7880b2c8088023e4d88a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16880
fa-brands-400.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 		62 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1

Request headers

Referer
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin
https://www.fox13now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:19 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8463801
cf-ray
704dfc90af006922-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
63376
x-amz-id-2
KJM7vGebews7bcv5iYcruT+PL+oAd4W/O7pZQSdGmRHGb5Qia9aLNV/LdBckAgmqKIijnpowiyI=
last-modified
Wed, 30 Jun 2021 15:30:49 GMT
server
cloudflare
etag
"f319eac1c755f9929fd856720ce1695e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uo13ZNgtb2BBLtqNcIkn0TuWVLkUuvX7hBjXmmzy%2FiD0tLBmPD3%2FawD%2FDE1pnEt4tCikkyGvoVc0WFauDiD2hfkO%2FJMqvZvi0MylA116pbqsNhK17hDT8412Kn8yBN6SDY%2BEh%2B6BjNlKIGR%2FicOoxpEe"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
7KZ10SRM43XPBDHW
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
l
use.typekit.net/af/3322cc/00000000000000007735e616/30/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/3322cc/00000000000000007735e616/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=i4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fdcb74f626ef8f1059c0e3bd503017b8fdda4a54afcc26a4da734f5fd5c7a87a

Request headers

Referer
https://use.typekit.net/tsu4adm.css
Origin
https://www.fox13now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:19 GMT
server
nginx
etag
"71f986ad2b4d0b6a0e5a056380e0c8c577137ae8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17212
l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e

Request headers

Referer
https://use.typekit.net/tsu4adm.css
Origin
https://www.fox13now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:19 GMT
server
nginx
etag
"96c7595dad6bb306bf9cc4c7a3b3d28654c7d636"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16832
p.js
cdn.parsely.com/keys/fox13now.com/ 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/fox13now.com/p.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.255.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-255-237.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
1e07e272734d4232d604835b00dfb9847c36a95e2fb6a01458590618e2bbcc77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
public
date
Sun, 01 May 2022 04:38:10 GMT
content-encoding
gzip
last-modified
Mon, 22 Feb 2021 19:24:27 GMT
server
nginx
age
85569
etag
W/"603404eb-10711"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
EJJN14xCLeat7QjBwrmOUchs1v5jlEaWRGmjYTDZBiAqd8ViKoR7mQ==
expires
Mon, 02 May 2022 04:38:10 GMT
connatix.playspace.dc.js
cds.connatix.com/p/160259/ Frame 9186
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/160259/connatix.playspace.dc.js
888 KB
206 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/160259/connatix.playspace.dc.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
79290a43cd25f6bde616627554c38fd10fbb40e2f9ce41d23b37db5e872b71b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:19 GMT
content-encoding
br
last-modified
Fri, 29 Apr 2022 11:01:10 GMT
age
231975
etag
"db270026dffc4d81e79ae20bb1d75d7e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
210619

Redirect headers

location
https://cds.connatix.com/p/160259/connatix.playspace.dc.js
date
Mon, 02 May 2022 04:24:19 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
0
access-control-max-age
86400
/
ewscripps.brightspotcdn.com/dims4/default/02cc935/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/ 		124 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/02cc935/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F4e%2F44%2F8b76c25f473093b130f7f52df25a%2Fjeff-t.%20Green.jpg
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.254.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-254-32.fra6.r.cloudfront.net
Software
Apache /
Resource Hash
bd6cafb0d9f0509d461f9b8845027ecb7f5385ee273346f5f44efd2b328afdb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 30 Apr 2022 13:04:56 GMT
Via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
141562
ETag
8abdd9b88cc8d2da8c2022d32c3e8063
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA6-C1
X-Robots-Tag
nofollow
Content-Length
127179
X-Amz-Cf-Id
Ue_WZDKmky3Dn8lbWmWJNrsLdWnll_bISSTxlr8g4WeIzNyVUWDdvw==
Expires
Sun, 30 Apr 2023 13:04:57 GMT
/
ewscripps.brightspotcdn.com/dims4/default/cabd33d/2147483647/strip/true/crop/720x720+280+0/resize/300x300!/quality/90/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/cabd33d/2147483647/strip/true/crop/720x720+280+0/resize/300x300!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Ff9%2Fc8%2Fbe6d1e8f4eb2a9ab227d4653983e%2Fjeff-tavss-headshot.jpg
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.254.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-254-32.fra6.r.cloudfront.net
Software
Apache /
Resource Hash
a78eee44a33280cae70b7fade38a0ea36d2d3c34252c8fffe9e5d91aaf463a0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 00:23:10 GMT
Via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
6580869
ETag
432c028acf64b6afb081594ce3fc408d
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA6-C1
X-Robots-Tag
nofollow
Content-Length
16702
X-Amz-Cf-Id
p89Q3eXGV7zBqxHOuCkQqgJ7Q3i4qhzIMHrKsMlF-vmZlYx9Ds7laQ==
Expires
Wed, 15 Feb 2023 00:23:10 GMT
/
ewscripps.brightspotcdn.com/dims4/default/05aa02d/2147483647/strip/true/crop/480x360+0+0/resize/480x360!/quality/90/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/05aa02d/2147483647/strip/true/crop/480x360+0+0/resize/480x360!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F0b%2F0c%2F0184c2f44e4783b067c6ee93fcc0%2Ffox13webad.jpg
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.254.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-254-32.fra6.r.cloudfront.net
Software
Apache /
Resource Hash
2ea4d73c56a292df467ee9e88a8cc18a2374049abe26e079b40770ea5b776339

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 09:38:37 GMT
Via
1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
13718742
ETag
38d2580b68aa743689213ed46fa15537
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA6-C1
X-Robots-Tag
nofollow
Content-Length
29430
X-Amz-Cf-Id
Xi_nkuQ_KO3dVuOSZydApgrHcr4YbrdI2XajIyqMMVa2-lub5rT89g==
Expires
Thu, 24 Nov 2022 09:38:37 GMT
/
api.ewscloud.com/prod/scheduler/v1/com.fox13now/schedules/current/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.ewscloud.com/prod/scheduler/v1/com.fox13now/schedules/current/?type=web
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.254.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-254-19.fra6.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://www.fox13now.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Mon, 02 May 2022 04:24:19 GMT
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-apigw-id
Ret2HH8FIAMFpIw=
x-amz-cf-id
ZPTCRywIQTldVEVr0ettSLfjqzFKpa_MbRWUF0OtKJNtLW28w-nGAg==
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
f5e36115-1a1e-4e91-9d22-23457cdd42de
x-amzn-trace-id
Root=1-626f5cf3-3a42c9403d30598915b7b855
x-cache
Miss from cloudfront
d3d3LmZveDEzbm93LmNvbQ==
tcheck.outbrainimg.com/tcheck/check/ 		15 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3LmZveDEzbm93LmNvbQ==
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.22.34.3 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-22-34-3.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 04:24:19 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=11507
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
23dc9ed9e7864e28cfc3b1b8845e649b
Content-Length
15
Expires
Mon, 02 May 2022 07:36:06 GMT
weather
www.fox13now.com/ 		73 KB
74 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.fox13now.com/weather?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/All.min.588be872fd3b5e794fefa37e9cd66da1.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-32.fra50.r.cloudfront.net
Software
N/A / Brightspot
Resource Hash
5a9f94a1b476ecb1845930cfea4bf1f1a5de0f88e9de559903b85de649b13556

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 04:20:45 GMT
Via
1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
Connection
keep-alive
Server
N/A
Age
213
X-Powered-By
Brightspot
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=240
X-Amz-Cf-Pop
FRA50-C1
X-Robots-Tag
nofollow
X-Amz-Cf-Id
tDtNu8VQQhYtj6n76VlHNADv1SJECyjPcL0KzVHRjtK8mIbOTisG0g==
breaking-news-alerts
www.fox13now.com/ 		68 KB
68 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.fox13now.com/breaking-news-alerts?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/All.min.588be872fd3b5e794fefa37e9cd66da1.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-32.fra50.r.cloudfront.net
Software
N/A / Brightspot
Resource Hash
65b64c49a86c754ec08d9c80c41cd0ce46edd45294ef43939ab8fdffa71652ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 04:22:28 GMT
Via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
Connection
keep-alive
Server
N/A
Age
111
X-Powered-By
Brightspot
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=240
X-Amz-Cf-Pop
FRA50-C1
X-Robots-Tag
nofollow
X-Amz-Cf-Id
Juuyg17QWA9qGkmAOVVcmchC1dl9dyBVnO3eInYHaeZG1jFlQqUf_A==
alerts
www.fox13now.com/weather/ 		64 KB
65 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.fox13now.com/weather/alerts?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/All.min.588be872fd3b5e794fefa37e9cd66da1.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-32.fra50.r.cloudfront.net
Software
N/A / Brightspot
Resource Hash
072d7ba782da0ed49d7ae5d604f0460fac40ad6291fa5971b34e3fe16c301887

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 04:22:29 GMT
Via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
Connection
keep-alive
Server
N/A
Age
109
X-Powered-By
Brightspot
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=240
X-Amz-Cf-Pop
FRA50-C1
X-Robots-Tag
nofollow
X-Amz-Cf-Id
MwvkYPLY8oYkScl01LVyB6D3pN6se5lpWbnmlhrU2Y-D1RM60LLLcQ==
school-closings-delays
www.fox13now.com/weather/ 		61 KB
61 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.fox13now.com/weather/school-closings-delays?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/All.min.588be872fd3b5e794fefa37e9cd66da1.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-32.fra50.r.cloudfront.net
Software
N/A / Brightspot
Resource Hash
f095e9c4a8303e2660456b4124313560ffd05695ad601c84107146c500d27f71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 04:22:28 GMT
Via
1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
Connection
keep-alive
Server
N/A
Age
111
X-Powered-By
Brightspot
Transfer-Encoding
chunked
X-Cache
Error from cloudfront
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=240
X-Amz-Cf-Pop
FRA50-C1
X-Robots-Tag
nofollow
X-Amz-Cf-Id
BXL-z8D4fsfSGGBJZsLNr0SWuUU10nI2LgOhNqfyMW03Ij5mgBv1rw==
/
api.ewscloud.com/prod/scheduler/v1/com.fox13now/schedules/current/ 		6 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.ewscloud.com/prod/scheduler/v1/com.fox13now/schedules/current/?type=web
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000180-054e-dbc8-a5b7-9fefe21a0000/styleguide/All.min.588be872fd3b5e794fefa37e9cd66da1.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.254.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-254-19.fra6.r.cloudfront.net
Software
/
Resource Hash
267f343ae9cde809d68b8aae3a9107e9bd51b364a34a64506b185a2c55429dca

Request headers

Authorization
Token bc22df1e0efb4dcb53f2438a4b71da118f05788c
Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
391e5626-42a8-4182-b266-e712ff89baa7
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-626f5cf4-3a64459e16c8362421a7fbed
x-amz-apigw-id
Ret2KHFCoAMFaSQ=
content-length
5786
x-amz-cf-id
O-bLllsDnJ-ppwcfYBxwQtVf8DyMost0TROPUSGxw3imWQhDv4Gc2A==
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.29.173 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-173.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:19 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Wed, 01 Jun 2022 04:24:19 GMT
sdk.js
connect.facebook.net/en_US/ 		283 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=29318a74aedfb9ab100a625fd723e3ac
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
af3a455c098c1703f5e7ae972edd1dcf3b908a1de446d452eceed9d809c70d7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.fox13now.com/
Origin
https://www.fox13now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
k8smQqf8SR+rfq31z+FvQQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
82883
x-fb-rlafr
0
x-fb-debug
WWlDPZcu2UrfPpxFj83awvgYP4rws0jc0/HZP8nHB28v/MAGUGsgLyc8QrOjsLfic6OvQn1Hmm7DtiYKBWxFTQ==
x-fb-content-md5
31705e1063284b7422f625b4fa5db0d7
x-frame-options
DENY
date
Mon, 02 May 2022 04:24:19 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"fdde29afeac23743dde01c49f015d090"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 02 May 2023 03:56:51 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3295&u=https%3A%2F%2Fwww.fox13now.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:00:50 GMT
via
1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront)
server
Server
age
15808
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.fox13now.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
9_7rL_l2uY-9N5_paveeNjn_YYD565dICsQ7V0KqWwA016v2XWw1cw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
8970
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 28 Apr 2022 01:41:20 GMT
server
AmazonS3
date
Mon, 02 May 2022 01:54:50 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
uXlZG_YaOiPwaDe_TZfh9k4f97QPMIM5AaSubREKtlhwe4qnsDQfCg==
log
hblg.media.net/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfk&evtid=flog&itype=HB&adt=desktop&cid=8CU6Q6626&ct=FRANKFURT&cc=DE&ugd=4&app=0&pht=1200&pid=8PRL4E7N3&dn=fox13now.com&servname=ssp-serving-76cb75d7f5-kspgc&svr=042813_364_042813_327_ssp&sc=HE&version=4&vh=1200&vw=1600&vsid=&vid=00001651465458824006245729287522&sspAbBucket=CONTROL&lw=0&dapp=green&itypeid=1&sd=1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&tcf_api=0&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=&abte=SSP_CLIENT&rtype=&lbr=1&mnkv=&pabte=&pc=&ccat=&floc_id=&floc_ver=&gfundl=700&gtd=&inid=&ngfundl=1000&rdl=700&a=0&r=209&lper=1&requrl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&kwrf=
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.22.32.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-22-32-24.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:19 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 02 May 2022 04:24:19 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
sffe /
Resource Hash
1c931ae642374fc24e1a9fd1ad7afd70464ed74cb51295c7a13e060061b56478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28554
x-xss-protection
0
server
sffe
etag
"1202 / 235 of 1000 / last-modified: 1651270049"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 02 May 2022 04:24:19 GMT
placement_invocation
ob.cheqzone.com/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.201.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-53.fra53.r.cloudfront.net
Software
Caddy /
Resource Hash
55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 17:34:13 GMT
content-encoding
gzip
server
Caddy
age
39006
etag
"bf83-flSXooGsmrmYNlxSK09toJAtNHc"
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
cache-control
max-age=43200
x-amz-cf-pop
FRA53-C1
content-length
18458
x-amz-cf-id
KY1mTCcoxRI4v8g1tI17qnpchRzXAxFnCGb0xue-zWPHJQvBVTRLIQ==
expires
Mon, 02 May 2022 05:34:13 GMT
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1651465458852&plid=7110250&idsite=fox13now.com&url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&sref=&sts=1651465458848&slts=0&title=Billionaire+Utahn+to+give+away+90%25+of+his+wealth&date=Mon+May+02+2022+04%3A24%3A18+GMT%2B0000+(GMT)&action=pageview&pvid=16516520&u=pid%3Db5ae44d7198de1b79b451a9fbdcd0885
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-144-142.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 04:24:19 GMT
Cache-Control
no-cache
Last-Modified
Monday, 02-May-2022 04:24:19 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QBX3CF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2969
date
Mon, 02 May 2022 03:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 02 May 2022 05:34:50 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-15.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 03:22:45 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
3697
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f47fcc9b2aa47ced36c40c318e6f006a.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
gJ5aFYtbxievek1anBNQ3flToq8Pbk7vF-txN9R0Z8YrdSRdYnKxqQ==
scripps.js
tru.am/scripts/custom/ 		737 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tru.am/scripts/custom/scripps.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QBX3CF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f027d6553533e963630b1d0992d5ca83562645cbb955de496b40c41eddd1978e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=sr7fhA==, md5=s01bXr0Uhj5Os3tr1X6KBQ==
date
Mon, 02 May 2022 04:24:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
386828
x-guploader-uploadid
ADPycduhFbIhDuZtW8qt1oHeheC1bhrx2XryEQ_FtZalRmvRDDOvFv4-wbEeLCg68adGbOFjueIYKoVN5SzhboCp_3U
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 24 Feb 2022 16:52:24 GMT
server
cloudflare
etag
W/"b34d5b5ebd14863e4eb37b6bd57e8a05"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ccJJlwD5uNpM8pBjYshNkLtQt7v3%2Bcnl76qPe0mgU0qiVpGWgZQYkRMHUFoyJA7%2B4bJy69Wv3TacCQoeOiASmIu6SpGfRE93RY4yi%2F6Xlogaavlqwsoh7IsNfc4uK1ZuDXo%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1645721544432200
content-type
application/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
737
cf-ray
704dfc9358cc9c10-FRA
expires
Thu, 27 Apr 2023 16:55:05 GMT
cloudy.png
static.ewscloud.com/weathercenter/prod/static/weathericons/nighttime/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ewscloud.com/weathercenter/prod/static/weathericons/nighttime/cloudy.png
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:5800:10:618e:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
727f93b09ab81ccfabda8af76bbd53e3e99a3eafce122b52fac24f9e13872e33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
wByKBP.87IZfVGaScxE2_48Emt6oR4ds
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
last-modified
Wed, 02 Mar 2022 05:52:25 GMT
server
AmazonS3
age
120
etag
"472ec61e8e2a117758a265abc1d2d247"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=86400
date
Mon, 02 May 2022 04:24:19 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
3167
x-amz-cf-id
Lp302LtZFgTSBa6HNMTWv2lbQ9S9lzgah_DR32w_Uv4XpLYuiGFSaA==
pubads_impl_2022042601.js
securepubads.g.doubleclick.net/gpt/ 		367 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
sffe /
Resource Hash
43700b9800ddc7b26ee1bf46a878b942908a720bd48a1809163d3a26de2944c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 00:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12756
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127613
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 08:34:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 02 May 2023 00:51:43 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		160 B
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.fox13now.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
978e500ed9886e0569440405c1bd5c6dcedcc3565fe2a60542bbc84061ba2774
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 04:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
0
expires
Mon, 02 May 2022 04:24:19 GMT
show_pla
obs.cheqzone.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=04010927915256679916020831679765149661919651500006078277215294908829&nc=0&tsf=0&tsfmi=&pv=0&cb=1651465459133&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=4117521382&at=&bid=e30%3D&di=W1siZWYiLDM2NzNdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImdvb2dsZSBpbmMu%0D%0AIChnb29nbGUpXCIsXCJyXCI6XCJhbmdsZSAoZ29vZ2xlLCB2dWxrYW4gMS4yLjAgKHN3aWZ0c2hh%0D%0AZGVyIGRldmljZSAoc3ViemVybykgKDB4MDAwMGMwZGUpKSwgc3dpZnRzaGFkZXIgZHJpdmVyKVwi%0D%0ALFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJv%0D%0AbWl1bSlcIixcImd2ZXJcIjpcIndlYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixc%0D%0AImd2ZW5cIjpcIndlYmtpdFwiLFwiYmVuXCI6MTgsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0%0D%0AIHdlYmdsXCIsXCJzZWZcIjoxMDUxNjk0MDg5LFwic2VjXCI6XCJcIn0iXSxbLTEsIi0iXSxbLTIs%0D%0AIjE2LGVZRzlYMS9YMXRabFMyMmQ1MXg4WU5ZOU14SlFFTUNkVUJISkw4NkwyM0FDR1VoQkl3SVNT%0D%0ARUVBY0lKZlJlQWdRSUVGb0luZEN4d1FYamhvMjcxOTZtTWpPdi9yODcwdXhxRngiXSxbLTMsIltc%0D%0AImludGVybmFsLXBkZi12aWV3ZXJcIixcIm1oamZibWRnY2ZqYmJwYWVvam9mb2hvZWZnaWVoamFp%0D%0AXCIsXCJpbnRlcm5hbC1uYWNsLXBsdWdpblwiXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwie1wi%0D%0Ad1wiOltcIjBcIixcImNocm9tZVwiLFwiY29yZVwiLFwiX19jb3JlLWpzX3NoYXJlZF9fXCIsXCJn%0D%0AbG9iYWxcIixcIlN5c3RlbVwiLFwiYXNhcFwiLFwiT2JzZXJ2YWJsZVwiLFwic2V0SW1tZWRpYXRl%0D%0AXCIsXCJjbGVhckltbWVkaWF0ZVwiLFwicmVnZW5lcmF0b3JSdW50aW1lXCIsXCJfYmFiZWxQb2x5%0D%0AZmlsbFwiLFwiU2NyaXBwc0FkTGliXCIsXCJkYXlzU2luY2VQdWJsaXNoZWRcIixcImRhdGVQdWJs%0D%0AaXNoZWRcIixcInB1Ymxpc2hlZFRpbWVcIixcIm1vZGlmaWVkVGltZVwiLFwiZ2V0Q29va2llXCIs%0D%0AXCJndG1PYmpcIixcImNhbGxMZXR0ZXJzXCIsXCJqc1RhZ3NcIixcImpzUHVibGlzaERhdGVcIixc%0D%0AImpzVXBkYXRlRGF0ZVwiLFwianNJc0JyZWFraW5nXCIsXCJqc0lzQWxlcnRcIixcImpzQXV0aG9y%0D%0Ac1wiLFwianNIYXNWaWRlb1wiLFwianNTZWN0aW9uXCIsXCJqc1BhZ2VUeXBlXCIsXCJqc0Rpc2Fi%0D%0AbGVQcmVyb2xsQWRzXCIsXCJqc0Rpc2FibGVEaXNwbGF5QWRzXCIsXCJqc0Rpc2FibGVJbmxpbmVW%0D%0AaWRlb0Fkc1wiLFwianNGbmFtZVwiLFwiZGF0YUxheWVyXCIsXCJ4MDBfMHgxZjg2XCIsXCJ4MDBf%0D%0AMHg3ZThhXCIsXCJfU2Nhbm5lclwiLFwib25SZWFkeVwiLFwiT25lVHJ1c3RTdHViXCIsXCJPcHRh%0D%0Abm9uV3JhcHBlclwiLFwiZGRsc1wiLFwiYWRzT25QYWdlXCIsXCJJU19DTVNcIixcIl9kaXNhYmxl%0D%0AXCIsXCJBZERlYnVnZ2VyXCIsXCJTY3JpcHBzVXRpbHNcIixcIlN0aWNreVJpZ2h0UmFpbFwiLFwi%0D%0Ac1VzZXJIdWJcIixcIkFkVGFyZ2V0aW5nUGFyYW1zXCIsXCJEeW5hbWljVGFyZ2V0aW5nUGFyYW1z%0D%0AXCJdLFwiblwiOltdLFwiZFwiOltdfSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAs%0D%0AIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiLFwib2c6dGl0bGVc%0D%0AIixcIm9nOmRlc2NyaXB0aW9uXCIsXCJ0d2l0dGVyOmRlc2NyaXB0aW9uXCIsXCJ0d2l0dGVyOnRp%0D%0AdGxlXCIsXCJvZzpkZXNjcmlwdGlvblwiLFwiZGVzY3JpcHRpb25cIixcInBhcnNlbHktdGl0bGVc%0D%0AIl19Il0sWy0xMiwibnVsbCJdLFstMTMsIi0iXSxbLTE0LCJ7XCJvXCI6MC4wMDk0Nzg2NzI5ODU3%0D%0AODE5OTF9Il0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCI0Il0sWy0xOCwiWzAsMCwwLDFdIl0s%0D%0AWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAw%0D%0ALDEyMDAsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwiLSJdLFstMjEsIlU1%0D%0AUDZ0YVZyIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxbLTI0LCJbXSJdLFstMjUs%0D%0AIi0iXSxbLTI2LCJ7XCJ0amhzXCI6MjE3MDAwMDAsXCJ1amhzXCI6MTgyMDAwMDAsXCJqaHNsXCI6%0D%0AMzc2MDAwMDAwMH0iXSxbLTI3LCJbMCwxMCwwLFwiNGdcIixudWxsXSJdLFstMjgsImVuLVVTIl0s%0D%0AWy0yOSwie1widlwiOlsyLDIsMiwyLDAsMCwwLDIsMCwyLDAsMiwwLDAsMiwyLDIsMiwwXX0iXSxb%0D%0ALTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIjIiXSxbLTMzLCItIl0sWy0zNCwi%0D%0ALSJdLFstMzUsIlsxNjUxNDY1NDU5MTE3LDBdIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxb%0D%0ALTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4LCJpLC0xLC0xLDEsMCwwLDAsMzYsMTksMjIsMjc5LDAs%0D%0AMjk1LjIsMjk1LjIsODQ3LDg0NyJdLFstMzksIltcIjIwMDMwMTA3XCIsMCxcIkdlY2tvXCIsXCJO%0D%0AZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCwwXSJdLFst%0D%0ANDAsIjMzIl0sWy00MSwiLSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAxMDAw%0D%0AMDAxMDAxMTEwMTEwMCJdLFstNDQsIjAsMCwwLDUiXSxbLTQ1LCItIl0sWy00NiwiMCJdLFstNDcs%0D%0AIkV0Yy9Vbmtub3duLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxb%0D%0AImJuY2giLDExN11d&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A325%2C%22y%22%3A2693%2C%22w%22%3A610%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=f2HHxrD9J6&sdd=%7B%7D&pto=867
Requested by
Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
7cc637a0fd8996f09c0e204a08483bc316297894a3b5bc916e556c39ffe64308

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
gzip
cache-control
no-cache, no-store, must-revalidate
content-type
text/javascript
content-length
3396
expires
Fri, 01 Jan 1990 00:00:00 GMT
hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/160259/ Frame 9186 		0
47 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/160259/hls.5b3b785f487abbe00eee.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:19 GMT
content-encoding
br
last-modified
Fri, 29 Apr 2022 11:01:10 GMT
age
231974
etag
"182f65d040bfb9544bd8f71472475672"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48258
connatix.playspace.css
cds.connatix.com/p/160259/ 		99 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/160259/connatix.playspace.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
874cc1315f35963fb2488576f0c83489e22edfe22f6ce355e7e87e65063bbf7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:19 GMT
content-encoding
br
last-modified
Fri, 29 Apr 2022 11:01:10 GMT
age
231975
etag
"132acf023a5a30ef72888d6e359a6663"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
13634
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1651465459245&ns_c=UTF-8&cv=3.5&c8=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&c7=https%3A%2F%2Fwww.fox13now.com%2Fne...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1651465459245&ns_c=UTF-8&cv=3.5&c8=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&c7=https%3A%2F%2Fwww.fox13now.com%2Fn...
0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1651465459245&ns_c=UTF-8&cv=3.5&c8=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&c7=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&c9=
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Server
108.157.4.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-15.dus51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
via
1.1 f47fcc9b2aa47ced36c40c318e6f006a.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
RwS76PhAP4HL6zsXNJBH--D1Ld_ED6g0sF7jwcMhrS7pKRICV5kZ3g==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=6036471&ns__t=1651465459245&ns_c=UTF-8&cv=3.5&c8=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&c7=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&c9=
date
Mon, 02 May 2022 04:24:19 GMT
via
1.1 f47fcc9b2aa47ced36c40c318e6f006a.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
content-length
0
x-amz-cf-id
Fp4VigRIcpyM0TvQcF43g5rdgtAYSuAeLAhdj6Ow0hbivuZnPTKfAA==
x-cache
Miss from cloudfront
ta-pagesocial-sdk.js
tru.am/scripts/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by
Host: tru.am
URL: https://tru.am/scripts/custom/scripps.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dbc3f1a033b6733e96a5af1bc89d6f8ab68a5d533dcad72d56bd019e3b5b6b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=189alg==, md5=Aq8QqpKO913oQSpg0Lh6TA==
date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
326749
x-guploader-uploadid
ADPycdszUtPS7c77fVEsKNX6IazAwmiAk8lR-yd6xfNblYGrJidde1dOW0VXzqQYl7rpPGNL-lRJKx3fDYRjp6i6Mw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 11 Nov 2020 17:32:38 GMT
server
cloudflare
etag
W/"02af10aa928ef75de8412a60d0b87a4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pa%2BpjlHSL%2FRf6L013%2B%2B5PG7tanGSCcwX2dZICpCX9ePXoj78SZRMj%2BqWRTkQhxJbRdD0oqCdmyXj97%2F37TNAtELQnvgboyAma6JfTONbEL6v%2Bn9it8z0kVkFCqoAvJKlCumLzA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1605115958819708
content-type
text/javascript
cache-control
public, max-age=2678400
x-goog-stored-content-length
27827
cf-ray
704dfc94fd789268-FRA
expires
Thu, 28 Apr 2022 09:43:01 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 03:38:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2763
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 02 May 2022 04:38:17 GMT
story
capi.connatix.com/core/ Frame 9186 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/story?v=160259
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
40a9471254e3bb59e130481d6a08ea7875e524bd7830954249d27abc000787b5

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.fox13now.com
access-control-max-age
86400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
3675
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&pid=PyAEa2GjFhzYN&cb=0&ws=1600x1200&v=7.75.0&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INVIEW%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22MAD_RIGHT_RAIL%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
via
1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
FPFA6HFKJVQYK34A8WTJ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
Z0pW7-xy21s5fCAwZQDZUCaUD-tK5v_uujh_c3M0sRf98c4s8pSsxw==
prebid
ib.adnxs.com/ut/v3/ 		247 B
937 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
221a6c8fc872fe0de88e13402b05762eeabdf5413f84b910fd2a140b617d9c14
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:20 GMT
X-Proxy-Origin
37.58.58.246; 37.58.58.246; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1cd85f51-dda8-42fc-914e-f2bc2804fb2e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.fox13now.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
247
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698600179795af3a05c97ef2b009d&pos=8a9695310179795afced5c9919250098&cmd=bid&secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
238dfcbeb3dd279902bd259ecaa4b77574935c645ebf1fdd9279a493dbd71e6d

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698600179795af3a05c97ef2b009d&pos=8a9691c501797961dc1a6230492e002e&cmd=bid&secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
2e68182cbf39bb919bdad91b9b6ce0ec97bbdab36b2b80e27e0a1b2c74af7a47

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
content-length
62
arj
ewscripps-d.openx.net/w/1.0/ 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ewscripps-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=cf2e87e5-726a-4709-b34a-aed34e1d187a%2C610286f5-3b6f-4b80-8fee-123520658f6d&nocache=1651465459326&aus=728x90%7C300x600%2C300x250&divids=MAD_INVIEW%2CMAD_RIGHT_RAIL&aucs=%252F6088%252Fssp.kstu%252Finview-bottom%2C%252F6088%252Fssp.kstu%252Fnews%252Flocal_news%252Fdetail&auid=544041562%2C544041559
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
8b9d1bca8c323d5b5374882731c304332a8bb2dc31d792a8e9a27ee62458c8a5

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.fox13now.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.11.0&referrer=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&tmax=2000
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.60.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-60-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:20 GMT
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.fox13now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
imp
g2.gumgum.com/hbid/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1651465459330&to=0&aun=MAD_INVIEW&gpid=%2F6088%2Fssp.kstu%2Finview-bottom&t=ryx2glbx&pi=3&maxw=728&maxh=90&si=113233&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.11.0%22%7D&ogu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ns=10240
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c94e7ca74c434a5f5246ace4bf8cfc6132d933e4f3d3bfd6bd8c12b9043600db

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fox13now.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1651465459330&to=0&aun=MAD_RIGHT_RAIL&gpid=%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail&t=ryx2glbx&pi=3&maxw=300&maxh=600&si=113232&bf=300x600%2C300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.11.0%22%7D&ogu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ns=10240
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
64a94f78d192f4e0e01778e754d28016ec297484a803a7cb3fb4791ba396dca6

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fox13now.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
v2
e.serverbid.com/api/ 		711 B
986 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
1385a4f55db1166435032cd0c1d542629ccc77f520fb0d3702e1d2da2f514a24

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.fox13now.com
date
Mon, 02 May 2022 04:24:19 GMT
access-control-allow-credentials
true
content-length
711
vary
Origin
content-type
application/json
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		300 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
a558335dfd3ca88e1263100d94d582d5764b65c9c4c6e7749ca0607ac29b60bd

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:20 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.fox13now.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
300
expires
0
hb
ssc.33across.com/api/v1/ 		87 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bpL-ZIByur67OuaKj0P0Le
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
619aaafb1c570a4bb0542241623b60269d09d6aa0b22c322cb44be57aa3bbb99

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bmBWNoByur67OuaKj0P0Le
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
619aaafb1c570a4bb0542241623b60269d09d6aa0b22c322cb44be57aa3bbb99

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
fastlane.json
fastlane.rubiconproject.com/a/api/ 		436 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=5776&site_id=361740&zone_id=1954138%3B1954136&size_id=2%3B15&alt_size_ids=%3B10&rf=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&tg_i.aupname=%2F6088%2Fssp.kstu%26mad_inview%3B%2F6088%2Fssp.kstu%26mad_right_rail&tg_i.pbadslot=%2F6088%2Fssp.kstu%2Finview-bottom%3B%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail&tk_flint=dmpbjs_v6.11.0&x_source.tid=cf2e87e5-726a-4709-b34a-aed34e1d187a%3B610286f5-3b6f-4b80-8fee-123520658f6d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.8187681172098078
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
dcce300d9cf428fe68fd05d1a49e0d21bbec990b8c19cd832bebbe5d0b05a6ef

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:20 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.fox13now.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
436
Expires
Wed, 17 Sep 1975 21:32:10 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1651465459348&sessionId=defed116-41aa-4ae2-067d-387a245ba06e&url=www.fox13now.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:20 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
f2c4736e44a2a2ca69e73a0fa2e92432
Content-Length
4
Expires
0
get
odb.outbrain.com/utils/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&idx=0&rand=37408&key=NANOWDGT01&widgetJSId=AR_11&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&clid=defed116-41aa-4ae2-067d-387a245ba06e&fdu=www.fox13now.com&px=325&py=2742&vpd=1542&cw=610&activeTab=true&darkMode=false&settings=true&recs=true&version=2000692&sig=U5P6taVr&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf3cbea9de55648fc6c12b862749fedb8effc064646fa9554ea5c62209bc8c18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1651465460.120132,VS0,VE366
accept-ranges
bytes
x-served-by
cache-lga13626-LGA, cache-fra19128-FRA
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
809159a83cf020eebab7a1398711dc0f
content-encoding
gzip
content-length
6688
expires
Thu, 01 Jan 1970 00:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&pid=PyAEa2GjFhzYN&cb=1&ws=1600x1200&v=7.75.0&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INLINE%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22MAD_HEADER%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%2C%22994x30%22%2C%2210x1%22%5D%7D%5D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
via
1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
9TH4GWNS853KTVV25JVX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
7QHhpeCHjwOBkn2efBq4qI2INDSbyhcoAgj97HSlJMzeBInExLS2rw==
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bgZdFqByur67OuaKj0P0Le
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
3355f01920a159f6305c3be65ca696066f3a065effee7511127322f462431773

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691c501797961dc1a628788a90038&pos=8a9691c501797961dc1a6291573e005c&cmd=bid&secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
8c2e57ee78275394cc22c5bc39c852100b1c175be33dd6ab22f37dba264cb39d

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
content-length
62
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		300 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
f22008a87de9f5460bbf1451182d062a76f43b5d4f3e5c5f826004210e0872f7

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:20 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.fox13now.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
300
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		449 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=5776&site_id=361740&zone_id=2090360%3B1954132&size_id=15%3B2&alt_size_ids=%3B55%2C57&rf=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&tg_i.aupname=%2F6088%2Fssp.kstu%26mad_inline%3B%2F6088%2Fssp.kstu%26mad_header&tg_i.pbadslot=%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail&tk_flint=dmpbjs_v6.11.0&x_source.tid=bfe4de41-f74f-472e-80b3-a42a9374c696%3B3a0c2651-a537-488b-b4fa-1fbbdeb752b9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.8787751045150944
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ce88889c221cd40c7c61bae947f82bf5208f3abea0ef0d2a5bc5d3e0cc262b0d

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:20 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.fox13now.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
449
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v2
e.serverbid.com/api/ 		711 B
986 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
1385a4f55db1166435032cd0c1d542629ccc77f520fb0d3702e1d2da2f514a24

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.fox13now.com
date
Mon, 02 May 2022 04:24:19 GMT
access-control-allow-credentials
true
content-length
711
vary
Origin
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
95315e06b54cb2cfc27f5f6954aa84ce0b312847df13886dda70b897f5ca38b8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 02 May 2022 04:24:20 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.58.246; 37.58.58.246; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d39f35c3-e3fd-4395-b308-c6f236deb529
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.fox13now.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
imp
g2.gumgum.com/hbid/ 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1651465459375&to=0&aun=MAD_INLINE&gpid=%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail&pubId=13797&pi=3&maxw=300&maxh=250&si=217149&bf=300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.11.0%22%7D&ogu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ns=10240
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
39591255932f196d4b5853cda79c9f3033ce6aaacadfca2f72b118055256fc1d

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fox13now.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1651465459376&to=0&aun=MAD_HEADER&gpid=%2F6088%2Fssp.kstu%2Fnews%2Flocal_news%2Fdetail&t=ryx2glbx&pi=3&maxw=970&maxh=250&si=113230&bf=970x250%2C728x90%2C970x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.11.0%22%7D&ogu=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ns=10240
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b0f6d37e4c8520f774611d5fffc3381c2f6e9129b9dd4397345930a54bde199f

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fox13now.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
arj
ewscripps-d.openx.net/w/1.0/ 		73 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ewscripps-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3a0c2651-a537-488b-b4fa-1fbbdeb752b9&nocache=1651465459377&aus=970x250%2C728x90%2C970x90&divids=MAD_HEADER&aucs=%252F6088%252Fssp.kstu%252Fnews%252Flocal_news%252Fdetail&auid=544041554
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
d9df2d7dc53654d1a0d153355fba415f8fcd6fcb35e3dbb79c634110dfaaed8d

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.fox13now.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.11.0&referrer=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&tmax=2000
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.60.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-60-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:20 GMT
accept-ch
sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.fox13now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-27022641-1&cid=1053014728.1651465459&jid=627812488&gjid=826432280&_gid=862584216.1651465459&_u=aGBAiEAjBAAAAE~&z=322315471
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 02 May 2022 04:24:20 GMT
content-type
text/plain
access-control-allow-origin
https://www.fox13now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-29479748-9&cid=1053014728.1651465459&jid=1928786597&gjid=284141730&_gid=862584216.1651465459&_u=aGDAiEAjBAAAAE~&z=1199046986
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 02 May 2022 04:24:20 GMT
content-type
text/plain
access-control-allow-origin
https://www.fox13now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-40066851-1&cid=1053014728.1651465459&jid=314897443&gjid=956865247&_gid=862584216.1651465459&_u=aGDAiEAjBAAAAE~&z=821197878
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 02 May 2022 04:24:20 GMT
content-type
text/plain
access-control-allow-origin
https://www.fox13now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=908628599&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ul=en-us&de=UTF-8&dt=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiEAjB~&jid=627812488&gjid=826432280&cid=1053014728.1651465459&tid=UA-27022641-1&_gid=862584216.1651465459&gtm=2wg4r05QBX3CF&cd20=20211016&cd21=Jeff%20Tavss&cd22=&cd23=Local%20News&cd24=Homepage%20Showcase%2CLocal%20News%2CInstagram&cd25=false&cd26=&cd30=&cd31=true&z=327299903
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 22:30:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
21237
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=908628599&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ul=en-us&de=UTF-8&dt=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEAjBAAAAE~&jid=1928786597&gjid=284141730&cid=1053014728.1651465459&tid=UA-29479748-9&_gid=862584216.1651465459&gtm=2wg4r05QBX3CF&cd20=20211016&cd21=Jeff%20Tavss&cd22=&cd23=Local%20News&cd24=Homepage%20Showcase%2CLocal%20News%2CInstagram&cd25=false&cd26=&cd30=&cd31=true&z=1368267053
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 22:30:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
21237
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=908628599&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ul=en-us&de=UTF-8&dt=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEAjBAAAAE~&jid=314897443&gjid=956865247&cid=1053014728.1651465459&tid=UA-40066851-1&_gid=862584216.1651465459&gtm=2wg4r05QBX3CF&cd20=20211016&cd21=Jeff%20Tavss&cd22=&cd23=Local%20News&cd24=Homepage%20Showcase%2CLocal%20News%2CInstagram&cd25=false&cd26=&cd30=&cd31=true&z=52805177
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 May 2022 22:30:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
21237
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
blockedDomains_6.bin
lit.connatix.com/08d73d33-9bb5-9b21-f035-1721d593115a/ Frame 9186 		90 B
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lit.connatix.com/08d73d33-9bb5-9b21-f035-1721d593115a/blockedDomains_6.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bbc303150996575a6b7e0b472780241c2b91c7f45e4701fc43747598ef010e83

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 21:44:27 GMT
age
283124
etag
"bd245048e7572962d7a7cdfc3aa6405f"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
90
insights.bin
ins.connatix.com/df1f7fdf76884268b7ec61841c4afa1f/ Frame 9186 		144 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/df1f7fdf76884268b7ec61841c4afa1f/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d1f9c5c64d175a8bc389afa09401c72262f33961d56241d00902c2a397eac4e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
gzip
last-modified
Sat, 30 Apr 2022 20:36:34 GMT
age
114079
etag
"5d0f23b2700a2d2ff3e3f3fc4cba4e1f"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
116
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27022641-1&cid=1053014728.1651465459&jid=627812488&_u=aGBAiEAjBAAAAE~&z=854157601
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27022641-1&cid=1053014728.1651465459&jid=627812488&_u=aGBAiEAjBAAAAE~&z=854157601
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m.js
cheqzone.b-cdn.net/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheqzone.b-cdn.net/m.js?v=30
Requested by
Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.93.2.243 Paris, France, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-93-2-243.datapacket.com
Software
BunnyCDN-FR1-827 /
Resource Hash
b14463d5ba2d89151d1e1c0913eae5f190f4b64703726e682d43d1ac2b97edde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
br
cdn-edgestorageid
827
cdn-fileserver
56
cdn-storageserver
DE-198
cdn-cachedat
01/07/2022 09:08:09
cdn-pullzone
47782
server
BunnyCDN-FR1-827
last-modified
Sun, 01 Mar 2020 11:55:08 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"5e5ba29c-2970"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
2642aeaf-0ebf-4c43-9f87-c153981605b2
cache-control
public, max-age=43200
cdn-requestid
baeb77164a37c0df1962d5fda79ca12d
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1651465459489&sessionId=defed116-41aa-4ae2-067d-387a245ba06e&url=www.fox13now.com&cheqSource=1&cheqEvent=2&responseTime=657
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:20 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
21e9519a207ee8920546392e32c00a85
Content-Length
4
Expires
0
imp.gif
obs.cheqzone.com/tracker/ 		43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e00136fefc333ef438c9d9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714493d6516dfd78ade6d5e3471ebd498bbd39e821db61c45085052aae2d05f91e46042cc25b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82c1908f77f6ba195157aead9eb17de50ae04eb9b1dc148d5cc79d62427d4cc66ca6f82d2ebf0dcbdeb1a2ef57ab1b9fd7a5065bfd764c6b444b7131402df550f8dd285888fbc9227c32c90c6f5ae53df5f5b1aa35e64cf93ca1f2082b228af52e4c41ac321fe28161a009d6deb578d97ae79bcd03ec45ca9cfcbcb69ce010478e84b585773532d96a06ea109d5c18869a99970ecdd22d783eaf03283b7f24e2b7e83e7504fd6bb0a5112f3a3f522f562c4f718b0fd79eb3af52cc414855dcaa13cda4571f9f6cb2522783552764f0405b6f3d839c008b6595c017ca9f710818a120fe2aa9de6ae66a9eef8ff86f1b3f2494920f8428eaa5a6f805f781dd762416c6af67fb36b1ac4efdd7e8966d73996ad2ccfd5118b281d2b3276090180d2b6c9367a49885d1487d9dda7a2890647d8e5ff0ec98a2d3f818c452e63bdd39c033da564c54d951aae&cb=1651465459488&cri=f2HHxrD9J6
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:20 GMT
cache-control
no-cache, no-store, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
content-length
43
content-type
image/gif
sr
capi-tier-1-us-east-2.connatix.com/tr/ Frame 9186 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/sr?v=160259
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.186.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-186-98.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
sffe /
Resource Hash
1c931ae642374fc24e1a9fd1ad7afd70464ed74cb51295c7a13e060061b56478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28554
x-xss-protection
0
server
sffe
etag
"1202 / 94 of 1000 / last-modified: 1651270049"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 02 May 2022 04:24:20 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 9186 		376 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61b2100a8748346132ab227b5cbb6710c66aa8ed5c6caf241e1d85e7bcc049bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128368
x-xss-protection
0
expires
Mon, 02 May 2022 04:24:20 GMT
b1ab96d8-1b4a-474a-824d-179772428f1b.bin
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ Frame 9186 		7 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/b1ab96d8-1b4a-474a-824d-179772428f1b.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
580961a03df02992e3246b5d618f1935a41715df91cb96686456842b0fc102e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
gzip
last-modified
Mon, 02 May 2022 00:52:52 GMT
age
12091
etag
"2cd26fbbab3309ffbf0bfa5c69f47867"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
1307
ao
capi-tier-1-us-east-2.connatix.com/tr/ Frame 9186 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/ao?v=160259
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.186.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-186-98.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
g
capi-tier-1-us-east-2.connatix.com/rtb/ Frame 9186 		322 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/rtb/g?v=160259
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.186.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-186-98.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
91c17b9b5b17fbabfde4f12eda5537cce8f4c97a61a27721de3e9c655d1100dd

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
267
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&pid=PyAEa2GjFhzYN&cb=2&ws=1600x1200&v=7.75.0&t=2000&slots=%5B%7B%22id%22%3A%22Connatix_Instream_Video%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
via
1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
QHFAPR5WT7X2Y2PA8AK0
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
VyJO9Y-wSV2i87r2VkDIcoOuLz7EJT3e9zA5XLx5g1fkSzYiGyfRtQ==
ps
capi-tier-1-us-east-2.connatix.com/tr/ Frame 9186 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/ps?v=160259
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.186.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-186-98.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
f6baa5fc-8886-440a-9db4-c38f8a3cb887.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 		32 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/f6baa5fc-8886-440a-9db4-c38f8a3cb887.jpg?crop=600:410,smart&width=600&height=410&format=jpeg&quality=60&fit=crop
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
61b97e3c5a9341f70c36bb1252aa7a33de3a7b111493f9d6b6ae69e8961fd5ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
br
age
12597
etag
"uLdQZ95ixC98gnBFx97X+W7QmY0pCTwcgVwkXLX4jak"
access-control-max-age
86400
fastly-io-info
ifsz=85093 idim=1280x720 ifmt=jpeg ofsz=32749 odim=600x410 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
31997
f6baa5fc-8886-440a-9db4-c38f8a3cb887.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 		29 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/f6baa5fc-8886-440a-9db4-c38f8a3cb887.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
819e5ed6193610d1204aa6ffd591e31a4a6bf3f263d416f8e1a11dabe45f1364

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
br
age
12597
etag
"pmoVe8i+IFrualtOBpon67iPsVyWjh1XvVOX1196tPc"
access-control-max-age
86400
fastly-io-info
ifsz=85093 idim=1280x720 ifmt=jpeg ofsz=29202 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
28483
80985990-024b-4de8-9455-b672d3eb02b7.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 		27 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/80985990-024b-4de8-9455-b672d3eb02b7.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c679c5e725893da0461190852bcb25fe023b9d01cb188622e711a89424159510

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
br
age
12597
etag
"E4hnBudJjyM4jnED4s9bctJjXbAAqPTANXcddhFdLSs"
access-control-max-age
86400
fastly-io-info
ifsz=75955 idim=1280x720 ifmt=jpeg ofsz=27401 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
26654
939e461e-6e6a-472b-a7d0-8745d1ec8d3b.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 		14 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/939e461e-6e6a-472b-a7d0-8745d1ec8d3b.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d08019d740a977b51645ff931dcce8de0fb4fc53864a5274d026adce3799101e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
br
age
12597
etag
"8JiFK8sWpQgJFf1oolsoN8ueKkuAM9WRLYJYydJrwnM"
access-control-max-age
86400
fastly-io-info
ifsz=48042 idim=1280x720 ifmt=jpeg ofsz=14228 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
13339
0be6c3e4-bf70-4847-ac03-86561cf80ba8.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/0be6c3e4-bf70-4847-ac03-86561cf80ba8.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5607ad5eec2c8207f27a8e873fe408b52156a2542a842529004ad1d2826b8a52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
br
age
12597
etag
"NrP/KWXdpQIFBcj8oBnNlMRQIW4e/br2XUdvZHt7Pkw"
access-control-max-age
86400
fastly-io-info
ifsz=299700 idim=1920x1080 ifmt=jpeg ofsz=30478 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
30093
d74861fc-82ef-4bc0-9dae-a3b7ffcda5cb.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 		16 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/d74861fc-82ef-4bc0-9dae-a3b7ffcda5cb.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3f43dc8206d29c644ee28bc5d82e97f0b26f99cb78a41b00a272edf17324bbff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
br
age
12597
etag
"s/tJo6fuinyoNEginRuZ2Gnx6ZR8L5dHAwq5oQU9NEM"
access-control-max-age
86400
fastly-io-info
ifsz=107578 idim=1280x720 ifmt=jpeg ofsz=16138 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
15615
e0b4ae5f-ca8d-4eca-9068-5109c238c2cd_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/e0b4ae5f-ca8d-4eca-9068-5109c238c2cd_360_h264.mp4
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.fox13now.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
last-modified
Mon, 02 May 2022 00:50:32 GMT
age
8886
etag
"962e620a99bf90cb6c3a8c75088a2c3e"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1100315/1100316
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1100316
b491fd35-877f-443d-858b-0a78a0ec5f5f_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 		70 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/b491fd35-877f-443d-858b-0a78a0ec5f5f_360_h264.mp4
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.fox13now.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
last-modified
Mon, 02 May 2022 00:52:52 GMT
age
8886
etag
"f8ca07e5d2ae0ef9299f04fc065d6201"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-962814/962815
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
962815
742399af-83a0-4e59-91a4-2e8a8939f91a_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/742399af-83a0-4e59-91a4-2e8a8939f91a_360_h264.mp4
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.fox13now.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
last-modified
Mon, 02 May 2022 00:50:45 GMT
age
8886
etag
"51d4500383732544cedd4800a0481cdd"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1140938/1140939
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1140939
a88d62bb-e117-413c-a2ed-d68c11a835cb_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/a88d62bb-e117-413c-a2ed-d68c11a835cb_360_h264.mp4
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.fox13now.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
last-modified
Mon, 02 May 2022 00:51:26 GMT
age
8886
etag
"b978146296d99b7ec6dc505088faacb2"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1070951/1070952
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1070952
f549b098-3d66-411e-91fa-b7043d3bcf82_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 		520 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/f549b098-3d66-411e-91fa-b7043d3bcf82_360_h264.mp4
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.fox13now.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
last-modified
Mon, 02 May 2022 00:51:45 GMT
age
8886
etag
"b5bb452b724e6fd6cf994b81d3044b20"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1032580/1032581
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1032581
bridge3.512.0_en.html
imasdk.googleapis.com/js/core/ Frame 027F 		630 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
236665
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209474
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 10:39:55 GMT
expires
Sat, 29 Apr 2023 10:39:55 GMT
last-modified
Thu, 21 Apr 2022 16:19:01 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 9186 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 May 2022 04:24:21 GMT
bridge3.512.0_en.html
imasdk.googleapis.com/js/core/ Frame BAFF 		630 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
236665
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209474
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 10:39:55 GMT
expires
Sat, 29 Apr 2023 10:39:55 GMT
last-modified
Thu, 21 Apr 2022 16:19:01 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.512.0_en.html
imasdk.googleapis.com/js/core/ Frame 6175 		630 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
236665
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209474
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 10:39:55 GMT
expires
Sat, 29 Apr 2023 10:39:55 GMT
last-modified
Thu, 21 Apr 2022 16:19:01 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=cmpMet&pvsid=2241689325901390&vrg=2022042601&nw_id=6088&nslots=4&eid=31065713&pub_url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&fc=0&tcfv1=0&tcfv2=0&usp=0&ptt=17
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.fox13now.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 04:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.fox13now.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 04:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		58 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2241689325901390&correlator=1091653685396880&eid=31065713%2C44755509&output=ldjh&gdfp_req=1&vrg=2022042601&ptt=17&impl=fifs&iu_parts=6088%2Cssp.kstu%2Cnews%2Clocal_news%2Cdetail&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%2C970x250%7C728x90%7C970x90%7C994x30%7C10x1&ifi=1&adks=1130257580%2C1666007649&sfv=1-0-38&ecs=20220502&fsapi=false&prev_scp=categories%3Dhomepage%2520showcase%252Clocal%2520news%252Cinstagram%26pt%3Ddetail%252Cfalse%26fname%3Dbillionaire-utahn-to-give-away-90-of-his-wealth%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C2%26au%3Dnews%252Flocal_news%252Fdetail%26refresh%3D0%26temp%3D50-59%26weather%3Dcloudy%26amznbid%3D2%26amznp%3D2%26hb_format_gumgum%3Dbanner%26hb_size_gumgum%3D300x250%26hb_pb_gumgum%3D0.03%26hb_adid_gumgum%3D50edd4738774823%26hb_bidder_gumgum%3Dgumgum%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.03%26hb_adid%3D50edd4738774823%26hb_bidder%3Dgumgum%7Ccategories%3Dhomepage%2520showcase%252Clocal%2520news%252Cinstagram%26pt%3Ddetail%252Cfalse%26fname%3Dbillionaire-utahn-to-give-away-90-of-his-wealth%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C2%26au%3Dnews%252Flocal_news%252Fdetail%26refresh%3D0%26temp%3D50-59%26weather%3Dcloudy%26amznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D49f041d2c259b27%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.00%26hb_adid%3D49f041d2c259b27%26hb_bidder%3Dappnexus&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1651465459938&lmt=1651465459&dlt=1651465458344&idt=937&biw=1600&bih=1200&adxs=325%2C-12245933&adys=2151%2C-12245933&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&frm=20&vis=1&scr_x=0&scr_y=0&psz=610x30%7C1500x0&msz=610x30%7C970x0&fws=4%2C132&ohw=1070%2C1600&ga_vid=1053014728.1651465459&ga_sid=1651465460&ga_hid=908628599&ga_fc=true&btvi=1%7C-1&topics=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
c71774c5b321419b21ef3a5fa4b236b8dc190abd6d38b568604d2ba9d7c2b3e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18346
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.fox13now.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2DC8 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 04:24:21 GMT
expires
Tue, 02 May 2023 04:24:21 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C3A7 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 03:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 02 May 2022 04:47:12 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2241689325901390&correlator=4202860900949597&eid=31065713%2C44755509&output=ldjh&gdfp_req=1&vrg=2022042601&ptt=17&impl=fifs&iu_parts=6088%2Cssp.kstu%2Cinview-bottom%2Cnews%2Clocal_news%2Cdetail&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2F4%2F5&prev_iu_szs=728x90%2C300x600%7C300x250&ifi=3&adks=173361388%2C3237403784&sfv=1-0-38&ecs=20220502&fsapi=false&prev_scp=categories%3Dhomepage%2520showcase%252Clocal%2520news%252Cinstagram%26pt%3Ddetail%252Cfalse%26fname%3Dbillionaire-utahn-to-give-away-90-of-his-wealth%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dnews%252Flocal_news%252Fdetail%26refresh%3D0%26temp%3D50-59%26weather%3Dcloudy%26amznbid%3D2%26amznp%3D2%7Ccategories%3Dhomepage%2520showcase%252Clocal%2520news%252Cinstagram%26pt%3Ddetail%252Cfalse%26fname%3Dbillionaire-utahn-to-give-away-90-of-his-wealth%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dnews%252Flocal_news%252Fdetail%26refresh%3D0%26temp%3D50-59%26weather%3Dcloudy%26amznbid%3D2%26amznp%3D2%26hb_format_gumgum%3Dbanner%26hb_size_gumgum%3D300x600%26hb_pb_gumgum%3D0.06%26hb_adid_gumgum%3D518d08a1e7a3dad%26hb_bidder_gumgum%3Dgumgum%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.06%26hb_adid%3D518d08a1e7a3dad%26hb_bidder%3Dgumgum&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1651465459970&lmt=1651465459&dlt=1651465458344&idt=937&biw=1600&bih=1200&adxs=-12245933%2C975&adys=-12245933%2C936&ucis=3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0%7C300x30&msz=1600x-1%7C300x30&fws=644%2C4&ohw=1600%2C1070&ga_vid=1053014728.1651465459&ga_sid=1651465460&ga_hid=908628599&ga_fc=true&btvi=-1%7C0&topics=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
33b26336ede2d6ae7c70e84e4d4590f1c78b2be2d2eec6b31e6188baf81eeec6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11703
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.fox13now.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 94FD 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 03:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 02 May 2022 04:47:12 GMT
ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.29.173 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-173.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
last-modified
Sun, 01 May 2022 07:29:08 GMT
server
AkamaiNetStorage
etag
"f370d19306add072a726e7f4ade8dc57:1651391320.146566"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
7090
expires
Wed, 01 Jun 2022 04:24:20 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.29.173 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-173.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
last-modified
Sun, 01 May 2022 07:29:08 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1651391295.775433"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Wed, 01 Jun 2022 04:24:20 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=fbbe774e2854133eb33a56d95fd49d78_38984_1651465460434&tm=1261&eT=0&widgetWidth=610&widgetHeight=192&widgetX=325&widgetY=3201&wRV=2000692&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=633&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Mon, 02 May 2022 04:24:21 GMT
content-encoding
gzip
X-TraceId
6526cde1f8b81461ba0ab84bab0aff4a
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
streamFeed.js
widgets.outbrain.com/nanoWidget/2000692/module/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000692/module/streamFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.29.173 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-173.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
556ea8be84a3bba47fb218fefab370e8f0dd0e3887728c38e1565e77e559c812

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 16:16:18 GMT
server
AkamaiNetStorage
etag
"a1975d11f3f08ccfb83e02427aae8988:1651164205.893668"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
13492
expires
Mon, 02 May 2022 08:24:20 GMT
eyJpdSI6Ijg4MjExMDE3MWIxNWI3Yjg2N2U1NmM4YjAxMWEzZWI5MjQ1NzJkNjQ3ZDNjMGVmMDVlOGRkMWVhNDYyNzAwM2IiLCJ3IjoyNDAsImgiOjEzNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijg4MjExMDE3MWIxNWI3Yjg2N2U1NmM4YjAxMWEzZWI5MjQ1NzJkNjQ3ZDNjMGVmMDVlOGRkMWVhNDYyNzAwM2IiLCJ3IjoyNDAsImgiOjEzNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.22.34.3 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-22-34-3.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4d35f133632d83c45a5662e955d2b2a4e9c67a26957850587afe441820f74dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:21 GMT
cache-control
max-age=1584537
last-modified
Thu, 21 Apr 2022 22:11:59 GMT
x-traceid
795146447daa22cc68eeb676a5b936c7
timing-allow-origin
*
content-length
35398
content-type
image/webp
g
capi-tier-1-us-east-2.connatix.com/rtb/ Frame 9186 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/rtb/g?v=160259
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.186.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-186-98.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 02 May 2022 04:24:20 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6A24 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 03:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 02 May 2022 04:47:12 GMT
b491fd35-877f-443d-858b-0a78a0ec5f5f_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 		876 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/b491fd35-877f-443d-858b-0a78a0ec5f5f_360_h264.mp4
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.fox13now.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range
bytes=65536-

Response headers

date
Mon, 02 May 2022 04:24:21 GMT
last-modified
Mon, 02 May 2022 00:52:52 GMT
age
8887
etag
"f8ca07e5d2ae0ef9299f04fc065d6201"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 65536-962814/962815
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
897279
a88d62bb-e117-413c-a2ed-d68c11a835cb_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 		982 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/a88d62bb-e117-413c-a2ed-d68c11a835cb_360_h264.mp4
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.fox13now.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range
bytes=65536-

Response headers

date
Mon, 02 May 2022 04:24:21 GMT
last-modified
Mon, 02 May 2022 00:51:26 GMT
age
8887
etag
"b978146296d99b7ec6dc505088faacb2"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 65536-1070951/1070952
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1005416
742399af-83a0-4e59-91a4-2e8a8939f91a_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/742399af-83a0-4e59-91a4-2e8a8939f91a_360_h264.mp4
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.fox13now.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range
bytes=65536-

Response headers

date
Mon, 02 May 2022 04:24:21 GMT
last-modified
Mon, 02 May 2022 00:50:45 GMT
age
8887
etag
"51d4500383732544cedd4800a0481cdd"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 65536-1140938/1140939
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1075403
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012203150226000/ Frame 5068 		222 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
57171
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62084
x-xss-protection
0
server
sffe
date
Sun, 01 May 2022 12:31:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fa1474a6dd6481f4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 01 May 2023 12:31:30 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 5068 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
57170
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
server
sffe
date
Sun, 01 May 2022 12:31:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d91e62368f79b48d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 01 May 2023 12:31:31 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 5068 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
237183
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29618
x-xss-protection
0
server
sffe
date
Fri, 29 Apr 2022 10:31:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9a9baa9802fa29d2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 29 Apr 2023 10:31:18 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 5068 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
237183
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
date
Fri, 29 Apr 2022 10:31:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3393210d007db9ca"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 29 Apr 2023 10:31:18 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 5068 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
57171
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13669
x-xss-protection
0
server
sffe
date
Sun, 01 May 2022 12:31:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"565eca32a909292d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 01 May 2023 12:31:30 GMT
truncated
/ Frame 5068 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe59a74bf4a9e82756ae62f3b39cd0706fe67f3ccd18e3e0a7c15aad45dc71d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
container.html
a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D9E7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 04:24:21 GMT
expires
Tue, 02 May 2023 04:24:21 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.104.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-104-163.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.fox13now.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 02 May 2022 04:24:21 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
8137071423452732943
tpc.googlesyndication.com/simgad/ Frame 5068 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8137071423452732943?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlawL4RwcUBLP-_Jx-1mXwAOel0cA
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e23e620ddaea9768515c1266f390c26a55f6e894520ae0b6e85fdf86a9e6f07b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 08:34:42 GMT
x-content-type-options
nosniff
age
589779
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49102
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 08:28:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 25 Apr 2023 08:34:42 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5068 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 18:59:48 GMT
x-content-type-options
nosniff
server
cafe
age
33873
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 02 May 2022 18:59:48 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5068 		295 B
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
81647
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 02 May 2022 05:43:34 GMT
l
www.google.com/ads/measurement/ Frame 5068 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSkem4rUXxMXoNMP8turz8gajYa9hgSq1CFOGC6ICxKsQq1P9jFZdRXuvA8WkMciEc19BJ-yzadDqVaRMoCHz9RwqRTSQ
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 5068 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C670M9FxvYrqZLdrm3wOi4rPACM2K17pp8NnrztYPzNr2mP4OEAEg5pSFGGCVgoCAoAegAcbB_pMDyAEC4AIAqAMByAMIqgSrAk_QfVEqjfQMdcdpPOIWsVfIn0CXOz91RKcOeEm1tnbCNFoVBLwTPrj8wFVgc51OGwpU9Mt1HPE0lcDBACFX2Zg7QALq_mb9HjKSHmDCpEr6kU5nZD39qjptMpMm5M_BklItAp3BXoYV-AzGhJrOjKqwwdUPinkBffDWmfwPBu_dqDmYWKGD_YQrXQUAi1JLCoq2uGEVCqDFDgRNxg8iurxSbzx5764rXHONzXqwoOQfhjxyZwNp8DDS5NsA5RM0aGMrJNE9qtxZ9GpvGGpjtQTXRkLuKhYWtq_ceYSKMISge1MApKY-gKHNHITqwsqHSANdzXOfa1apycq5hfnZ6CgKtMF6MG11-EIs7YZFNXYRbiGStnKElNegpMHZhLY6iiBkFfrZb7hntcoawATMi_u99wPgBAGSBQQIBBgBkgUECAUYBKAGAoAHor6BbKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELzyHtIICQiI4YAQEAEYHYAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi04NDE0NjI3MjgwMDU0NTkzGK2LEQ&sigh=AD1Bt7bziuQ&uach_m=[UACH]
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.104.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-104-163.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 02 May 2022 04:24:21 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
container.html
a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AE50 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 04:24:21 GMT
expires
Tue, 02 May 2023 04:24:21 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6655 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 04:24:21 GMT
expires
Tue, 02 May 2023 04:24:21 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.104.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-104-163.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.fox13now.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 02 May 2022 04:24:21 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.104.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-104-163.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.fox13now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 02 May 2022 04:24:21 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
f549b098-3d66-411e-91fa-b7043d3bcf82_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 		848 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/f549b098-3d66-411e-91fa-b7043d3bcf82_360_h264.mp4
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.fox13now.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range
bytes=163840-

Response headers

date
Mon, 02 May 2022 04:24:21 GMT
last-modified
Mon, 02 May 2022 00:51:45 GMT
age
8887
etag
"b5bb452b724e6fd6cf994b81d3044b20"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 163840-1032580/1032581
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
868741
get
mv.outbrain.com/Multivac/api/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&settings=true&recs=true&widgetJSId=AR_11&key=NANOWDGT01&version=2000692&apv=true&sig=U5P6taVr&format=html&rand=46568&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=ZmJiZTc3NGUyODU0MTMzZWIzM2E1NmQ5NWZkNDlkNzg=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=no_abtest&clss=DRk0EcKEBuRKT2HcKl%2FYFjxc9hy0XZpYP9FTvQFbqG4TBj7%2F5%2FiiLyRpN0pxe03Obuu4M8I7riFf84aL&dpr=1&cw=610&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000692/module/streamFeed.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
424de83322606030781e5c28fefd1d17ffc7dbaa7364733237e98b4c4f67506e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:22 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1651465462.936560,VS0,VE166
accept-ranges
bytes
x-served-by
cache-lga21926-LGA, cache-fra19128-FRA
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
062223e1857ec46c51c5175ea95c73c1
content-encoding
gzip
content-length
1634
expires
Thu, 01 Jan 1970 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5068
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

date
Mon, 02 May 2022 04:24:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame D9E7 		102 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4a00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
894bd4636346f9710907258043cf9936f4fcb1cf7d36bde7c1100351aae5ba96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
gHMpfFdT8SzFtq1y23UkNohq_mfD50db
content-encoding
br
last-modified
Sat, 30 Apr 2022 03:09:32 GMT
server
AmazonS3
age
6516
etag
W/"4e703f7c81ff1913b8ac915fa4da2a5d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Mon, 02 May 2022 02:44:47 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
0xZGaUhurWTlbLt-Yx_PhGRBMS21dvaqosNVp6v5gQvDxvV7rLbC4Q==
gen_204
pagead2.googlesyndication.com/pagead/ Frame D9E7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DqMjjxjNkill7FnNZIaiEad-86oMRI39eF_rda2bX5Z35yAF4roDd-mOSGY9Zpf-iMKy4cghy_Uj91zUKHKTtD8ylWWlg-Bz18XSKL2H-_Ji7d5x0
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame D9E7 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
dcfd7936a2e8014ddeb492dce621f62dc4eeeb642d55f11ab8a16f40566cb316

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 04:24:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 26 Apr 2022 09:46:43 GMT
Server
Microsoft-IIS/10.0
ETag
"8031d895259d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3303
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame D9E7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 03:58:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1547
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 May 2022 03:58:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D9E7 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 02 May 2022 04:24:22 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame D9E7 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 03:55:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1744
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 May 2022 03:55:18 GMT
l
www.google.com/ads/measurement/ Frame D9E7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQYhSbtg79p717vkwjgo3B2Yd4fEdPgk8SFUkRWz5auuR-L5u25Lwr5hf84zUUORqjTUIxTDR5-yC6RqO4qdiJIl-IzKg
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame AE50 		102 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4a00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
894bd4636346f9710907258043cf9936f4fcb1cf7d36bde7c1100351aae5ba96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
gHMpfFdT8SzFtq1y23UkNohq_mfD50db
content-encoding
br
last-modified
Sat, 30 Apr 2022 03:09:32 GMT
server
AmazonS3
age
6516
etag
W/"4e703f7c81ff1913b8ac915fa4da2a5d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Mon, 02 May 2022 02:44:47 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
lSYja1J9S7bqP1r9NNJZFlK6OpziM_yg6aGSN2bDCOC2VlhG8QtaFA==
gen_204
pagead2.googlesyndication.com/pagead/ Frame AE50 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AR2v9zQK36qZI6bPn0dPr-MLDHoabtBvM7b6vlFF-39Z5CmCH9GQsD_cK-zyA9FVQ3l_VIK5ntV2hBmVA9unBCCxBhmjk0O8oJx28VqerBA9dHUN8
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame AE50 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 03:58:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1547
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 May 2022 03:58:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AE50 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 02 May 2022 04:24:22 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame AE50 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 03:55:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1744
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 May 2022 03:55:18 GMT
l
www.google.com/ads/measurement/ Frame AE50 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRvlfvATb304MDSZISUxa6GwSlpGiJtarC2xitiRaDS_psKB-1U6D6eueJxRll9c558VeNknr9at_W9vAj-sMOpbFCMKg
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 6655 		102 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4a00:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
894bd4636346f9710907258043cf9936f4fcb1cf7d36bde7c1100351aae5ba96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
gHMpfFdT8SzFtq1y23UkNohq_mfD50db
content-encoding
br
last-modified
Sat, 30 Apr 2022 03:09:32 GMT
server
AmazonS3
age
6516
etag
W/"4e703f7c81ff1913b8ac915fa4da2a5d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Mon, 02 May 2022 02:44:47 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
16k_wFSwIpL2PCWwmd8ygeYPmEJ5iu11x6VWvpedhxLRxO3WcGL6MA==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6655 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ANkms_HJWtpqCTMB2XLYJRYOUR3U4-0DNhzE1n6FbTZi6DInsxOq6x4K5cM6VKzDbYR9XNTkWaSUpnJwQevGJinZv_VKR54phGSTlIXfG3W-2Bc1Y
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 6655 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 03:58:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1547
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 May 2022 03:58:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6655 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 02 May 2022 04:24:22 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 6655 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 03:55:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1744
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 May 2022 03:55:18 GMT
l
www.google.com/ads/measurement/ Frame 6655 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQcxj3MoFjHoi9J2-vDuNpjcHg8_1rYc19g6h1QY14SVn3zVlc--baeN2-EbYU2uzbnpU-WD2CvTj2GD-PRDWf0V_NYCg
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame D9E7 		0
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=391235
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iewNzMHUseKPha3OXHYsfmKmDo4oUsoFN3ZhgVDSTOfSMhSoV1yMU1mP9cc1xj%2Bcf32VD2brQQXt%2Fk0RhwzG51AxtRvu26uYH2DI9ahOl3f85j44QUtNheK3crqrDMz0zm4TxNFLpZkVCA4%2BYkRfwH2PvA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
704dfca22d16912e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FusvFodvDXAc6nwAenaC
155fc8b5-713f-4ac2-a7e6-44a5a1ee6581
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/ Frame D9E7 		785 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/155fc8b5-713f-4ac2-a7e6-44a5a1ee6581
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0DF7 		624 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhChpIcCGIq5mccBMAE&v=APEucNUYkcEqzNqmhA6NhhfXCfxC7-kpz4fw5A6C01Z2z4CGtYgg6I7MpEaMvjfc3Ud6wtYtM5egTuhKOnCtvQoJgMBdaej0GVU96yT3PTm9F2ZERmy8e9Z3NPU7l8Bn7-3KnS7IaqxrxkE8P_gPjyNTQlQe9C58DstvuqM9jYY_bQAzBLpJVq8
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 04:24:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame D9E7 		81 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5osqOi_0ahGHNvHWfWc978wrrW2kHl4Di1wCjw_ykPPdFXd7oL7v8Oy0t0ynckRHCib3KUCOubO-t5U7jQn4HESzjyxlX1LaxqMbvs14qJDp_rdL89tOtOBDmUme6fSUmyrhvFoW8CAP_UH0c8nXBa2cf_g&dbm_d=AKAmf-DfFP1_NDinREjT2KBU3CX83ax4dyQ8TdGkB3OP6GQEqLi9MX0E7nEvQ-4By3_65DQfS6cNXkjptYmX0i_Gk0nhkYeNOI1XpjzxdkVuMiauNE5phCsfqRrBaAhYJ2vqVv9_SQuGJyEZ11JUOah9leq8Gtm8SpADNxBtj3oRLC_wgXmvZgqQpeL_DE63OYXEC4udGjK92BgS2y03Ct5S19fpyH2UleH6y_R0y2DQJfWtPzNw1-LEbwaLFoUToncD0B95VzTkOl0Q-kHVVPOCOw8EK-1VsZaD153VFWuY1Pu7kjnWzGYNXn2IOLTuTChvXnYf21i6SYdSZcChSLkScZDGzKQ2_qFsLw4V0uFQB207yuUnO4PbQodn1Byz_eWY2QPJWkt7PeOyMVfAvBCuLqul5v_WLwMXKqjpTMenQH6pb4mMI-OJLNHkS6M2q_3MERVtQ3Fw2hf2dvxrnqw73_Bb8R2kt2HshEjMSQgfWS9xZf9kLNMvufJNgzjQo15Ly9WEsbzVNlw_9ZnrCe_Yaqhri2ewYuzLozpGdk-fteD3dDx3iMaX4sS9aDX_T4HwaK__zfazt9ykOaOH1pbiVz4DB6by3lJt8PV83JU2fW5Kj9tMwuIx66r_TtdWalc6pyigkAPednz-7Vl7TBJ1W_6N0rLqkfDKxltBCM44SWUhXftN9P3tQXDKiVOOW4UREzOii_UZ88zE-3oMhuUaY2-FImtsLxxgyFTOYQUMlH22JXtcbWff8L3L0HDLkP7pFdQqRahppO-UwDSJH-oYY4wxgDX3JV4e2qHG9mMpm1XTr_o4h6kg1MhJYU4TBahihDjkyZdJvRFcx3IHGfPw_iHv0olNbJK3ip53gzicRTPKrQ9AEYblA0nwzdxES0Rqil_aOYXMKpPsCdMaqfnV1Nseb4eJt4rllcsEXAdC6kBDZazJGLOWKpAtMUUhF7gf0YhSX4ee5AcPIcpcknR5FXFBJdDs83tR83eK1JPnPL4Cd3DkD7FS1B3MrsfGiLf008j7fIX88eEPj_jrvmbYU0z3vQFpEKKyHbcjutGTg8VHoLOXvdy9CUbgaO7MiPFKrKS_JtiEPx_Z7coQ1Zonmi8S0hMesupGCn8gwWy-4XPAaGgYItpWn0NOb6V2ljYOdd3-9jzhIvNM0vDABfzgAqre0UlIFm86nQjAfie-LcIfXTeIf7lMba4gOlKU2nvtX4unW27ONxjvGCZy4n8nF-xqMdHotXdPCqCNJ9qSm9lhnSa_IIgTga2M9H-cj005q_j4TxtGE6wx-3RhallZxHZTgWtdKmo_3U0JkfXGVNkdA6x4OylQuYB7u4YfeCF-4kTHxZJHTvh-SvT4g_0zt4A5z0GTEgOzKibSBidPxZRAhJkapWFp4Yi4XeWA2lvU9DzRw4YdbZslWFBrZpW6o9RGf_U9FyjjbUjtge3enooobp5iGS8GC_I0NjcFJ1xAzQMCgtrd6gYcWyfC6v5pay5aad9aMMbHFeSWEIBlllRiwE5W5TQEmv0XiYoX_i3BHbaUjjduxSWXVM-iX316_WYoGrezWRTBU8QlTXA-LlTiJTHyG8AhXvStE2jgA5MrOC6DY_AQn32Rq3ku_A4oR7FTPs2p3EGwSyvL7AdoKayuBazVa3yr1031cjqWHM-SDPMqBbV-oaaFxcuPWWn1rPMXuOatswUiApvjkZ2i07nEmz-QU9kDqKPgJw4m0VmAZcjYy0_Xo5EC5OHa3YXhSp9pwzYLU2H3b6qCu7OcUki7xVh9TpC0MpdLxGU6v33D6usHjeG7LrCO3efxq9hIQWVwp4KV_G1tzYZP6ne9NAnk01Q4qZL2A8qter6lnyFgk-6UjwtGWHUcOH2xomhVnogT7NIYaX5nKnO3ebASOikK1Wnb2wn_Hx-bsuva6JZeyV_OSwc3YOqkb5ZoT5txqSTYorA2RE4kd30SAm7pqqCmRFyV4U1x4Q00dlEpJhUiLUNn_2dYDCkcWk29quE4cf29Ajy6mxyxeqLd2t_jIAWebtKabgQuKk2EhrK2FnO7-a2PW9zfDyEn2uwNuD1Zi0estYgdNAeMSb212ESZCRwAbHN8_cuwSPtJhKU7_e4GCIfoM4H6DtZOkvJucal9NrzskBMUbCSUXv-COjAyTxBlxHonbPkyGUcUQEw_NElxfCAPF46rn9uYstGHJM4kCpDj-jT9TvDc8OVOEIeju75sas3BLuFKIVNvUUnn2JI3xtSo7ZyqT0O1Z1LiHg5s81rylvCM1YvAlaXzQcHKmOcCu6mclq99IORnUdNPPEw37ADOxET4SRhB0qbNYQBiRg3nSM3dfWPNbRRDMtJvAwJ26UUKQ5CWxl69kedof6yfmwzCYy9WzQTRWaDoPA7NajT75wvqvNnj0A0TRwRzeLpIY4UJ2_16oD4ltUeaJpKNNX2gHI_203-uZZ2xJgPPYGY5GWeS1kK2mVJKAK3wJoePRNxFIbWLiRd1wO8N9-uNI6XAqMAGKm4LlyeGat4QTC8Tsmfeq_ieS0u6pMcp5rHJwVpkh3e5SKWCFAE4e01OAFEFUK2xcONTXXON2MR-zP_GUQCZCQKza18K17gyxql04G0_gyGbaAyuT_eMUW8GqhIjXA7o-lskdcGiKLyfwb7pTxfGBNDviajzOD8s7ve15_wffzCFMy0r_k4VdD86hMA-T6zwKh-iOQZtSKa_ywPblZyIa8GeOi_dMBnkXnZLVNXKFPImKxmrtY16n-EPEs27z61EvIwGj5wl9c8jVsi7VmN13OYBIHTmbTtHspkTEuvYDXHSka_vhQU4-z0-5b-fkuZa1jI6aAXw8zEAxl2JNCBRFXS7z1fCp3zndlVsXjnngTNgsKzLOA6xycwBfquDSH-UiluWQVlPuFS-s_tFAH8_s-vd6HSBC6nVNI60Fz4fIh4Z7kMmnu0WpibIIf0TLiAMsC0_19qWpAeXsT_R_qPKxgUmvXF_pKezfT-sH3i2dZKIM3qnX19GDIPljbena4Tbi54VeeisDXRHVLTm7Lu2Hu6qwA-BXuF6PYGtGaFpj94p7gPFCSYYadnSUU0OHWAlCkCDpzjrd-NSsWMmp7Na3VMacX3dSZY2aa9aBxZDPojwTnY7uwvzOlmL2Bir0gbAbeCaexK0wzqSkDiIO4WqfK5e_8vUqxPYHBBVKFkD7YtxLJlgN4LiNhwSHWztNo19A3YmUIYUI0KZOHo5AVXvkUvOZKbfXj2myUBRt0Itxs5mQ1h56Y_W3EV3Zm8EhWGTvcV_zuAGSwr5JQ0hwHsHK0glp9wJj1x50cyIdg0D__4xd64AATxD5h2erjol-kPh&cid=CAASKORoNLf8EGZaSZSaMDNZjPl-G3W4DqxVsDmAEpS2dvM38-q121mSGyI&rfl=1%2Chttps%253A%252F%252Fwww.fox13now.com%252F%240
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d03c3af1415a2c7c676eff7f7db18d7c6066efd5a0f822af66eb0f50f574c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33771
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame 6655 		0
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=1041232
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oR824UqA1L1UbbvbKgGYRSFegpH%2FdIeWglFL8NdGDoyG6Q6%2F%2BsxVW82KczPP3RheSVF5PyWXD2j3BsL8QS1e%2FeaCRbM2P52xSz3EKxOgjM7jNp7PUqP7RIlcj1a17pFUBYbSf21xF3zuVE9hfKKMW3ZrBw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
704dfca29d8a912e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FusvFosx-ArAJqoBo2Zy
6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame AE50 		0
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=277829
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0TqP0c4VdU09k7QMJnlsSQ6TfVK1qaALr9CaCcnhIJyXM9CCXCX4T1RvRpvdkOkATKT1Cl3NXYJAbjpaQGUNV7zigSW6IW4KSP9KnqIyaiLWLBlJhCte3%2FW2SsaAZpuJwLsfWNjUvBhRaIEtjS%2FeVWFhA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
704dfca2ada1912e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
FusvFpFamQni6H8AhnKS
6c6368f7-a762-4add-bae1-76848a6cb19c
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/ Frame 6655 		785 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/6c6368f7-a762-4add-bae1-76848a6cb19c
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0706 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGPH-0rUBMAE&v=APEucNWnHCM_vCfIvjzXPx5kiQkwoqQs-nkwZvajYf5tXS80OFDcfXODxnaZNF9az5c3W8Gfy0oRZmYRMQaTlTjsw2QhN5vDFmPUBfK231MPp0kI4Co1RcwwB7mA0l71D-iS-QNqY0Dc8wQ2afId21joszSdkUvHo7OhUWUGWjhZQUfA5PHKJyY
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 04:24:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 6655 		80 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsSIr6nrguwv5UZBT3VtDR1FEpQl8e9afcsg6nhbF5iZIXtGPlhjPJjIR88LOYCX4gFfwr_SI7P_2sXTzVfBUC7twrQqhkU_qH_NnCioQLUExUJ1X_ZP8Sm6qhszN7n4wLE40Yvray5kILTR8MTZoMLCzoMg&dbm_d=AKAmf-B_Pc99jkPDHRD1WMwhAALOoNGIjJLGEUu64zEs_BEXeCu9qNydZYJYDOIV4gaCZDSZKRzo7w7yl4fvyOcNzfVAJbNsMaVx0P8dYE26oqXzDiTMTLBWkhX3Qj_ZweTQBp6ujs3HZ_io2_hriaiAJkMzNm5XPeCeOrYc_LJoEkzdb39DldehdgT7gf3Rj9ro0TMUfYznNvb5hWxtjzpG17cjAQuC0nChnkD1qZxSCVbLt38ISqYxPDs3auIkmI9kbavMOeO_UitwCOyEAYszYmciKA2bNjQen-XAZx0UO5NhQAf2m9k_p1e-tyWD_FK6QfHzSsniVmB764adMlWc_fKw4r9Q4s4uiNjp6Ca87I82tXmdPVC8PkPSdnXl-tmrNWRJThxGVY3ISu1aw86IiL8pW1Ounx4dpKYDfLDlmEfcaEAO0pynwAlpJG5fq79Xb70Ae-o8oqxC02kYg8MJoI64jQ_y0WA1W7m-CgYRP5IvdOHClsyl4lr6WljEUaRWZmtuY6dodAsHj1DUPLkiw1UXl48qnvc99wIvL6ntR6DtjItqcByz74NIvSHUbhxr6Mcpyjdc1wQNTE5ffwRH1VP8ZNaj0gECZ3nJlmS_HIfsRG-cv0aY1mG0XOmyDfh1foK6MpZ6vR_Dnk8OqK46sHCpZODfDLSra2xjQ_NmlGzxGyv2m-R-hQdbeq0hHyb9yKPBnRwiHHLLH_XsIirPt3vZra-eo4IyoIDHdzHa7BItqSYMs3bEk1viug7m7X4P3wwfVPqwcbo6e7XrrH3IKBd2xfpY0_PnczcEfO7Ph-RqErolSt5t4IHlfDVnmJEJyl3c4Z3fGsr-_CoRBXzpW06DGzOBaSRpdj88tZ2Wf2uoBV6pnSnJrfLhAI84tzdgdS_s6lzce6GQgOtb1mWPZUjSoYZ7Vz67XbhfRSs2EGZUjaw4l1QRLv5XQZ2VTu-4D2tYonS8VNktAl0ZfXUgHF4e_nNN5pNlkLLrvwIYd3p7lBjQNE8D8jFs0lNBKgA282gXQbDo0GSuZLfvx5JfHdk2j_88Zh0CwLNaU_KcT9qQzL-g2iftUAFafIUpXhiqSZDX-5J6wRDpeCvlQf3I_K4xl-GFtLs6pm1bSzowV2qYLhfO9ho3yLN5gJqt_doRdXJyKXMv2-ySWvCjv_cCcxNFWfc5DAhya9CPTKN8-ssu1twXNrT0fHiUjZzqU-_gnhCpYX5bozWXNyc_CiZeQsUf9DRHNXL8jM1dMfmVSkTPxK7Z2gEDejShaTmAlMid4cxsM0VT3TlshCIiSzsYg3Kq0kG9dKwSyRVPQBJBqSltbL0KRfqXcz7Cib2k2kjIAG7H0RykDU4NyyDeD5MbGBnkmCY8GC7hOcLb6eq4p0G2OflsU5CQrlx_h9UADGIa0Y_p1hmExxR1DMlXfWegPDA6ZfCMGVNUnCsNVHrTLTjc2UL63CDYQbJIa0G0-v2nxXMqxe7wdexDek9ZNeiMyh1jliwpS4YAX3rvxPA3zlB-jWEnPCU2T8LXr3-5hI7sCrNYaiyFG-ktErgo0MeIb3hp3U0HHCVxiD0JxHMc-CimAr8x3W0lNoEc3iNZ0sHxCWkv-AoUG2VR12LScEuHgn9ZHUXglPBO9HRr-aSwbc0YgrQzx9xzAj0mUu8fHE3yPtvrSwB4AZSRmoI7AOc-WgqwKT3GTbbRIJyNDSnuQVoYLbBJwDTyH-YUUo10f7Fu00b2oq5NzFLlLCsVw1l3cBo4PvQBer08BPb7e38evWcvtev2H4qtGf7JVqgWmfAvH46Nknh6_5T3Yi1hyAJwDK_yS1pG_W32b-zp9x5l9FibrSpIuBvO5CVGrbcerTHWItjkNwAPnQn1RWXtFmPEdxBvDwTCUVZLgXxuvrt2iaRfZjQ22Wav8ZNAYjNbbB74zCy1QFPR57GHfUv2e1daNPmx-dxwKIGcKq3sCOsKcxWRIfveHCZkD0aLdMTxjJOKibVMkdp4cBQZqyDsR0_bswMFQ5nV2XEsOjYLpV8kCfPjHo-C6a_kA5AVAaXyFCHWOnPft9Il9NoyXXcYq8Ho0SsowDRKIG-2Y4mfOkbWV8lEt2qhtYIl9fRjTF8Ejn_VUehHnrCSKUme4G8DAXAvlXFNRkUa_iUVqSnuKepX_A59x_W7I0Fyzc065e3u687FLwQ7TKM85xikvPKr0mz1F15XjsWvy0UjuSlmIFG5GC7gWa6ll7D3vdyIEhw7KT7hmyQj-b5EsETBmNVv2yc5T0Lh-tk3-OesuV7d6r-QmFJ-ynikT7GIPvIuYXJJJpkWdwpfak6kYtK0Nb-eGrKJZdvQQcKftvjs0NiBNRFzqV3Yw1Bm3JcUsPYZEglYPNUeVZU7ZU7FxQ9Z6phQMNq4lQP78z0ylXqEUBlwVuwyBtE3QQR750XSqgZRa2uL0WX15LrfoN-yIzGSL1VTY0A7lkvx8pU7HpowSnlrscjbFoQZH00SfSTwP9UDHIIwXhozz2UbiYDy256RF6roGFOZBqgFkzS1YN8OcHUy_WEeB-BfsT_CqopXAkWGPnklVWngRP_PH1EfrHiLl1vZmQnXboU60lEyXXRWUedrhUEpZmJH5dB_uKyxqyh6jrsEdS8h_OrhbN8_b9g_KEXNu8ywi4cT6vOb9qCyDoqf-lL5GA-vXsn7Tp0S2UOdN_gE8M_3hbMrdgNgsXVkO-m08ZxhnSkmLmgn6juo9ej5qa7buE_0E4cHpH5yGRvZJKXP7_AEiveQOKmg5tTKryGHikMR9J_xWGWlH_M6mnAT_58dO04GJ1QMW7ArffYmMekNBI794KsyfxhRd8yIbk9nw0MflQXv0JY1xND6EgYcDcgXSKcTNwnAoBd8cakSOWY6q9J7SdoZT2ylOl4G7sJuXq33r0X0JvskQBTr2ONQ00wB5xWeypPQ98HB75rciBZMBZbmhWwHtNLIlKp6fvE09w3H-mmVS-nQph4CSsLryMasQKm19SBqpYMYv5PToy2K6jtm_txO4q9PJV0kT238Rk5Lkw7oE-I6FDUAwRFEdXa2yg1BMq4CP5kFcZMBIj8m4lm6FZNNetLg_0YzLfV-bCqLFDuosah9IpX0txR8wrvaQFRcO7Duk2zs24_HsOQUZJ2EkQX3TVGk&cid=CAASJ-RoghXy4gO2GG_SSmDY30P2DOxN_xKpJ7w_9vrswB3jaOHCUsKeyQ&rfl=1%2Chttps%253A%252F%252Fwww.fox13now.com%252F%240
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
72a7a0d4b19c66ac5b0ae819887642a014278247272493f74a927455631c1120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33534
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ea22cbd5-c1a2-4b52-b19e-e0b6bdfa7d67
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/ Frame AE50 		785 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/ea22cbd5-c1a2-4b52-b19e-e0b6bdfa7d67
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
785
Content-Type
application/javascript
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1FCC 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGPz90rUBMAE&v=APEucNWdOGeasM5Uuf8MAbbiKX6VeaHrRkUvnI7Zz_JLXxyk3FWPRAyWqzvBX_E0GvBZ6ifUAobOaVbtIYthBxKZahDd1ixyv84EFfOQx6X2FycbSom_oDX1b6yuovm7mA_G0SrBWNKD1KwpQb-lwlhi6fvyPI1BNB5IWlly7z9b4jGp55EM668
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 04:24:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame AE50 		80 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AsYgSxtywMOWhO-CGiGve61KgzLk9dZwbd-w4ygradIdId58TKfBl1PMAM8thh_qhRKfq-bnyeqSeFRkjju5cBNMRDO98OMLlj__8Ii_GyCR2E87mI2TadNyTpbHbwJxWOies5ha8KIiPH4fOD6jfW3A-Btg&dbm_d=AKAmf-ACgbm1eekfInFxgCZdlqGHHvABfpki4RQO6z5KXfUE4AoB9C8BX5vf-TxjL3wQTQ3ErV25_jA_-T4nHlZFvWM5hB55nZJ4zPNL6w08-ME7nB4kzUxt5qQaXBunuxM3Bul5S7RtEooqy5bWMBJ39F3NaxiRVmWRWACCJ8K0Y_R8ZVPYi7Qdpmhm8lmBRfTzc4YKwSgQN8gnjs9QSKQ9GMoMRtkjH_FAr0np7O8am180zyVVXM6yZwutwl4AvUMgzsbZ-PGSG9P6dzJLu0n4F4owa_5MAp--EcROLzN2KnH0bgkpKAWXkcGdmGjPqIs_QvP7jB0-1AHGMaxddC7F1G6I6KCZgvMYhGb_ET0qVPxiwZ51YZtphlJOhzhm8fRUHn2hOkiSfraXorso74la4OFyJW7w3mmz2zXsULHHI4wKlUfeP2PbKnenI1HUL1WAJqD4usMEd4bc435Uco1sFRpG_RVN6EXDMH0ZQZ_eqY-9KUbof5d9t328WEStU9EdeaMTJ3eujnGuXq6QUofX1uCMrr70apFjMBCrUW5eZAv0Rw8LOYH9IVpjOsInQoBjf1Sp8mo2gY8kiIcBxcRd0zttdWhIlZsgeJI4a0SYI0MAZeHk2DKM-Xt6CiElTnRGODuxDNYcMksPnEU1WeMR79DH_NBKONfxQXRflYiAKagURTcZyJUR7f63xy3NGAPrCDuhzapvrUA0u3pw5v62XURKIs5_0vqsyy3S7R59DJGqXEC_qsxmWp_B9_mUObAvWo1GoKbRMjqLzRjSqkiPBvblUdCyrLyEMVFFOLHem1BCMbhH7eEHSiHmMiw6O7SeCZ57QWbSgtppmQxHL0wEbu5OqkxAuQ8SzsojGGarMqfXhGJHqA2e4YvH8vZB0b0gGFYI6Dt7VBerZuzukTwVDCGjrUpl_VNjSx09q2I5NAGJK2irUOpcu4BaaMYuhrUdu6PhDNi9sLeJgo_z62EwBdzEWrd1EWlXRcKnbc-T5Nofo0vjesyXQWEvIVh2bs35ZQ8F1KcOi7fCtqKTzS3Z0hhrsUAVqq20q5_rEHuNYSjhQupn4Tj240xJYzkTvEsI0Vm_xPiiCJsajT_omyYVhQYTx46Q96vLahIakZSKPHhjOHDTUnROsW3Dpfb9FHv5TUMo7R55oTYJXB_xBN8qC9v7Tn_QAmhR2LhveXolbVXWW0g7Wc5ZgT3TWZTpFZsCkXqO4dIGxUQL04Fh47TlD2lFN9cpK3U6y2K_ox0Eub8xMmYzNKOHM7-bKf1YX3v7ZEhXUqWjvJ9OtMrmfnrVPEyLGpItA_EBu4Q6qrLJ9LPBNkBMomgnFOZwONGWgenNxqeaHegBKatbkIgBIP0vWFr9Nbs-Me2oJpPcT5DitZb9XESgbJ3DKbfrT0bL4JoZQxG8VZ6EGdub7w2TByjXScQOYuy78rAsWxS3tewosmbeg637pImSXBLcsF71fiztp5mTbyLc8wq0gxV6cMJtkQeQBUWZhTVbD0fupoI_bu3rKwpgne3sd7BSRGmqSytf7HT2noBfnlgfmA4QMPeuhk8G2puRQh1xvf7c9Q0IqAoqT9o4BMvcGXRVzObbYc0cAfYY6zMhYOG8W-tQInE0KzRwFYhJN7x76pqQVpJEBZzkDTCPvg-XBFvxMLStXxJlRHXjMFWf0Ko3xfpMVXRGsBsKpzXsk-yXriELYgOSvvUn1NUUWeZI_pxiRJJ9DTjd3X1R1jVKJDw9nlP9CdPTuJUcvYoUFes7DrW9-sYE7JbfbTBfm6zU9vTx-YAZq75BKOyf47r2XoX7R85CIrhy3A3sCbCmTYYrViesf6MGNF_xjU6ExGD2RHjIofY3AjjzxiW2TRS60EXH_u29GillvGf1vplh-OZkA0zuTajtIJy8lZsrfzdDjAhJcqsG0b6JEcICsWHNAVyYPwq699NqMZxN_BVwWVpgNlPF15hI6QA0rGnbemRb0NkKZZ7saOnxL4wVNnHMeP2RKORF-EUtyGZT1JdNISoa0eaTl37XM8L4A2tT9OzsIExoUr2HoRVSKGrSFh1kMLvf3G8BH_X9iPl_oH_VayKEx1os5X6mZymlUGI9CmUAH9NFEWVcZWFo_OHIF8aF_JSU3MLxMXteg4XVS_p2GJkF8c5vLrVZFF0uOYrK_mlnbbVtci8WgUUmk5KdxfeueB5vL_yMmeo01kesGAjZy1AXWxX_fbiIbWJ73Ik-TzxpIIWx0M42S_skjMAz1rnKUY7Fi3RICnUNcTk4bRAzGzI3wHX7rk8lha6pMayvBLB6uLVMZq5fviEfGP9YSohugoE_BXRqCypiU26OXrGRVRhUEk-i4N4I_n77Gwv8LCFaZddIxwcOybDGUKVLH9eBuAMRVsAAYlcnLi9Jk-gdItrI8FHaMx6VsXVMCj0eB0QDtOInjMhyuND5n3KrDEd25Wg9-aXe4CmWUVlYokoWrV9eLKwcTt-kpZXAHi7I4SRXCfoTx-a88NABnGaB6GiaN8slSWdWW3RIcPv548d-rjtdpsCb1SBpAyecpoTtPepshfIY1soVri9FkrAoziUZGm8ciUdC2-6YIaqMbk2ZRVUfBhXbV-hGOW_NzSDlDDMhnGAmi2mGHB-JQlOfZ6qsTEGmAf9OqxQ8u0y1Vbg0RNgAuRW29w-Cx000Mb8cJpW1j0G9S9WFfzg6QF_wqOL5nWwMUPepaLiY8VfjHwVg5LdGg6ITCH4HmAba_Bvbyxe4ueu6AXEUNSSQbb639KiL-aptdQsuF0uJjMHGRaBERIQHRLvC7NbAOvzyu7m7dKEHpVQZo3bG3zw1pUTmLA_qsiMenzbSNoq4PGcndiw6T6UW9QECtKz7iadExyaxA5hab48Vm6SjRuoXpCOpAeQXPR6UKAqsxgxGQneEJGrSS6HcA7EZs-hLAwbPYhOM-2NSn_rrsaOPgcQCQp7896XHluxqFyxoxA4hv2zYiVtTHFzlmQKWgb8oLGxmeugyoTsYb2dr8tRpichRfjPlUrRbZnNHSJjJrmQfRV0mF0ptnHaqEphtMgxCpJ4D62gvBX3xw0_c7D_BUBRvHKoKOZSdTTTpLRsHvvNYfpnTDnrC1Ao25olBJ1L_6E8r6egtE54&cid=CAASJ-RoJHJQAkiXQpZchQ-3H2PbzaS5waDBfnKGiLfT2P46swRhu8HPaA&rfl=1%2Chttps%253A%252F%252Fwww.fox13now.com%252F%240
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
12d38a62d57d835c37a23b14446c3b6c7491632b1055d4a0933e57bca481daa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33463
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0DF7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKM8WR2VaICYw9pmsbWvZo&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKM8WR2VaICYw9pmsbWvZo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhChpIcCGIq5mccBMAE&v=APEucNUYkcEqzNqmhA6NhhfXCfxC7-kpz4fw5A6C01Z2z4CGtYgg6I7MpEaMvjfc3Ud6wtYtM5egTuhKOnCtvQoJgMBdaej0GVU96yT3PTm9F2ZERmy8e9Z3NPU7l8Bn7-3KnS7IaqxrxkE8P_gPjyNTQlQe9C58DstvuqM9jYY_bQAzBLpJVq8
Protocol
HTTP/1.1
Server
104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 May 2022 04:24:22 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKM8WR2VaICYw9pmsbWvZo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0DF7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ym9c9hkFj-qPLj-uiMyvHgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKM8WR2VaICYw9pmsbWvZo&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKM8WR2VaICYw9pmsbWvZo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhChpIcCGIq5mccBMAE&v=APEucNUYkcEqzNqmhA6NhhfXCfxC7-kpz4fw5A6C01Z2z4CGtYgg6I7MpEaMvjfc3Ud6wtYtM5egTuhKOnCtvQoJgMBdaej0GVU96yT3PTm9F2ZERmy8e9Z3NPU7l8Bn7-3KnS7IaqxrxkE8P_gPjyNTQlQe9C58DstvuqM9jYY_bQAzBLpJVq8
Protocol
HTTP/1.1
Server
104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 May 2022 04:24:22 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKM8WR2VaICYw9pmsbWvZo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0DF7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFc3BjWNPiEC33Cl1SMUFyk&google_cver=1
43 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFc3BjWNPiEC33Cl1SMUFyk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhChpIcCGIq5mccBMAE&v=APEucNUYkcEqzNqmhA6NhhfXCfxC7-kpz4fw5A6C01Z2z4CGtYgg6I7MpEaMvjfc3Ud6wtYtM5egTuhKOnCtvQoJgMBdaej0GVU96yT3PTm9F2ZERmy8e9Z3NPU7l8Bn7-3KnS7IaqxrxkE8P_gPjyNTQlQe9C58DstvuqM9jYY_bQAzBLpJVq8
Protocol
HTTP/1.1
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:22 GMT
X-Proxy-Origin
37.58.58.246; 37.58.58.246; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f636ef18-b7aa-4b31-b8a9-88454dc25b87
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFc3BjWNPiEC33Cl1SMUFyk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0DF7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ5NjUyNzYyMTU3NTE1NDQ4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ5NjUyNzYyMTU3NTE1NDQ4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhChpIcCGIq5mccBMAE&v=APEucNUYkcEqzNqmhA6NhhfXCfxC7-kpz4fw5A6C01Z2z4CGtYgg6I7MpEaMvjfc3Ud6wtYtM5egTuhKOnCtvQoJgMBdaej0GVU96yT3PTm9F2ZERmy8e9Z3NPU7l8Bn7-3KnS7IaqxrxkE8P_gPjyNTQlQe9C58DstvuqM9jYY_bQAzBLpJVq8
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:22 GMT
X-Proxy-Origin
37.58.58.246; 37.58.58.246; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
117148cf-bf64-449d-8f83-8b5edf2ae513
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ5NjUyNzYyMTU3NTE1NDQ4
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
singleAnimationOnFeed.js
widgets.outbrain.com/nanoWidget/2000692/module/ 		503 B
811 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000692/module/singleAnimationOnFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.29.173 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-173.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2a79e90edbe846d09a8e7b14eade333cfb73e19980f78ca2102a9b6958329860

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:22 GMT
last-modified
Thu, 28 Apr 2022 16:16:18 GMT
server
AkamaiNetStorage
etag
"c323911dccd1c289d978ec5fed69d2da:1651164199.684355"
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
503
expires
Mon, 02 May 2022 08:24:22 GMT
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=d4dea8de86ade4b15883f7e8fa806fc4&pvId=fbbe774e2854133eb33a56d95fd49d78&sid=848723&pid=38984&idx=2&wId=974&pad=0&org=0&tm=2762&eT=0&cnsnt=no_consent&widgetWidth=610&widgetHeight=0&widgetX=325&widgetY=3985&wRV=2000692&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=289&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:22 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
ac595f46b1ce0739f25c1f4d89c74394
Content-Length
4
Expires
0
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=3ee7b3fee90c93264c9b1f418dc7d373&pvId=fbbe774e2854133eb33a56d95fd49d78&sid=848723&pid=38984&idx=3&wId=975&pad=0&org=0&tm=2765&eT=0&cnsnt=no_consent&widgetWidth=610&widgetHeight=0&widgetX=325&widgetY=3985&wRV=2000692&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=289&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:22 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
0d2fb60f7d41a12b5cc84ac08c8fe56a
Content-Length
4
Expires
0
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=2d423db77e13ea0ef6e733b2dfd09d0c&pvId=fbbe774e2854133eb33a56d95fd49d78&sid=848723&pid=38984&idx=4&wId=974&pad=0&org=0&tm=2766&eT=0&cnsnt=no_consent&widgetWidth=610&widgetHeight=0&widgetX=325&widgetY=3985&wRV=2000692&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=289&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:22 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
edca00d708c32e1ead949b52790818f0
Content-Length
4
Expires
0
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame D9E7 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
Origin
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 16:41:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42196
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 May 2022 16:41:06 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/ Frame D9E7 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5osqOi_0ahGHNvHWfWc978wrrW2kHl4Di1wCjw_ykPPdFXd7oL7v8Oy0t0ynckRHCib3KUCOubO-t5U7jQn4HESzjyxlX1LaxqMbvs14qJDp_rdL89tOtOBDmUme6fSUmyrhvFoW8CAP_UH0c8nXBa2cf_g&dbm_d=AKAmf-DfFP1_NDinREjT2KBU3CX83ax4dyQ8TdGkB3OP6GQEqLi9MX0E7nEvQ-4By3_65DQfS6cNXkjptYmX0i_Gk0nhkYeNOI1XpjzxdkVuMiauNE5phCsfqRrBaAhYJ2vqVv9_SQuGJyEZ11JUOah9leq8Gtm8SpADNxBtj3oRLC_wgXmvZgqQpeL_DE63OYXEC4udGjK92BgS2y03Ct5S19fpyH2UleH6y_R0y2DQJfWtPzNw1-LEbwaLFoUToncD0B95VzTkOl0Q-kHVVPOCOw8EK-1VsZaD153VFWuY1Pu7kjnWzGYNXn2IOLTuTChvXnYf21i6SYdSZcChSLkScZDGzKQ2_qFsLw4V0uFQB207yuUnO4PbQodn1Byz_eWY2QPJWkt7PeOyMVfAvBCuLqul5v_WLwMXKqjpTMenQH6pb4mMI-OJLNHkS6M2q_3MERVtQ3Fw2hf2dvxrnqw73_Bb8R2kt2HshEjMSQgfWS9xZf9kLNMvufJNgzjQo15Ly9WEsbzVNlw_9ZnrCe_Yaqhri2ewYuzLozpGdk-fteD3dDx3iMaX4sS9aDX_T4HwaK__zfazt9ykOaOH1pbiVz4DB6by3lJt8PV83JU2fW5Kj9tMwuIx66r_TtdWalc6pyigkAPednz-7Vl7TBJ1W_6N0rLqkfDKxltBCM44SWUhXftN9P3tQXDKiVOOW4UREzOii_UZ88zE-3oMhuUaY2-FImtsLxxgyFTOYQUMlH22JXtcbWff8L3L0HDLkP7pFdQqRahppO-UwDSJH-oYY4wxgDX3JV4e2qHG9mMpm1XTr_o4h6kg1MhJYU4TBahihDjkyZdJvRFcx3IHGfPw_iHv0olNbJK3ip53gzicRTPKrQ9AEYblA0nwzdxES0Rqil_aOYXMKpPsCdMaqfnV1Nseb4eJt4rllcsEXAdC6kBDZazJGLOWKpAtMUUhF7gf0YhSX4ee5AcPIcpcknR5FXFBJdDs83tR83eK1JPnPL4Cd3DkD7FS1B3MrsfGiLf008j7fIX88eEPj_jrvmbYU0z3vQFpEKKyHbcjutGTg8VHoLOXvdy9CUbgaO7MiPFKrKS_JtiEPx_Z7coQ1Zonmi8S0hMesupGCn8gwWy-4XPAaGgYItpWn0NOb6V2ljYOdd3-9jzhIvNM0vDABfzgAqre0UlIFm86nQjAfie-LcIfXTeIf7lMba4gOlKU2nvtX4unW27ONxjvGCZy4n8nF-xqMdHotXdPCqCNJ9qSm9lhnSa_IIgTga2M9H-cj005q_j4TxtGE6wx-3RhallZxHZTgWtdKmo_3U0JkfXGVNkdA6x4OylQuYB7u4YfeCF-4kTHxZJHTvh-SvT4g_0zt4A5z0GTEgOzKibSBidPxZRAhJkapWFp4Yi4XeWA2lvU9DzRw4YdbZslWFBrZpW6o9RGf_U9FyjjbUjtge3enooobp5iGS8GC_I0NjcFJ1xAzQMCgtrd6gYcWyfC6v5pay5aad9aMMbHFeSWEIBlllRiwE5W5TQEmv0XiYoX_i3BHbaUjjduxSWXVM-iX316_WYoGrezWRTBU8QlTXA-LlTiJTHyG8AhXvStE2jgA5MrOC6DY_AQn32Rq3ku_A4oR7FTPs2p3EGwSyvL7AdoKayuBazVa3yr1031cjqWHM-SDPMqBbV-oaaFxcuPWWn1rPMXuOatswUiApvjkZ2i07nEmz-QU9kDqKPgJw4m0VmAZcjYy0_Xo5EC5OHa3YXhSp9pwzYLU2H3b6qCu7OcUki7xVh9TpC0MpdLxGU6v33D6usHjeG7LrCO3efxq9hIQWVwp4KV_G1tzYZP6ne9NAnk01Q4qZL2A8qter6lnyFgk-6UjwtGWHUcOH2xomhVnogT7NIYaX5nKnO3ebASOikK1Wnb2wn_Hx-bsuva6JZeyV_OSwc3YOqkb5ZoT5txqSTYorA2RE4kd30SAm7pqqCmRFyV4U1x4Q00dlEpJhUiLUNn_2dYDCkcWk29quE4cf29Ajy6mxyxeqLd2t_jIAWebtKabgQuKk2EhrK2FnO7-a2PW9zfDyEn2uwNuD1Zi0estYgdNAeMSb212ESZCRwAbHN8_cuwSPtJhKU7_e4GCIfoM4H6DtZOkvJucal9NrzskBMUbCSUXv-COjAyTxBlxHonbPkyGUcUQEw_NElxfCAPF46rn9uYstGHJM4kCpDj-jT9TvDc8OVOEIeju75sas3BLuFKIVNvUUnn2JI3xtSo7ZyqT0O1Z1LiHg5s81rylvCM1YvAlaXzQcHKmOcCu6mclq99IORnUdNPPEw37ADOxET4SRhB0qbNYQBiRg3nSM3dfWPNbRRDMtJvAwJ26UUKQ5CWxl69kedof6yfmwzCYy9WzQTRWaDoPA7NajT75wvqvNnj0A0TRwRzeLpIY4UJ2_16oD4ltUeaJpKNNX2gHI_203-uZZ2xJgPPYGY5GWeS1kK2mVJKAK3wJoePRNxFIbWLiRd1wO8N9-uNI6XAqMAGKm4LlyeGat4QTC8Tsmfeq_ieS0u6pMcp5rHJwVpkh3e5SKWCFAE4e01OAFEFUK2xcONTXXON2MR-zP_GUQCZCQKza18K17gyxql04G0_gyGbaAyuT_eMUW8GqhIjXA7o-lskdcGiKLyfwb7pTxfGBNDviajzOD8s7ve15_wffzCFMy0r_k4VdD86hMA-T6zwKh-iOQZtSKa_ywPblZyIa8GeOi_dMBnkXnZLVNXKFPImKxmrtY16n-EPEs27z61EvIwGj5wl9c8jVsi7VmN13OYBIHTmbTtHspkTEuvYDXHSka_vhQU4-z0-5b-fkuZa1jI6aAXw8zEAxl2JNCBRFXS7z1fCp3zndlVsXjnngTNgsKzLOA6xycwBfquDSH-UiluWQVlPuFS-s_tFAH8_s-vd6HSBC6nVNI60Fz4fIh4Z7kMmnu0WpibIIf0TLiAMsC0_19qWpAeXsT_R_qPKxgUmvXF_pKezfT-sH3i2dZKIM3qnX19GDIPljbena4Tbi54VeeisDXRHVLTm7Lu2Hu6qwA-BXuF6PYGtGaFpj94p7gPFCSYYadnSUU0OHWAlCkCDpzjrd-NSsWMmp7Na3VMacX3dSZY2aa9aBxZDPojwTnY7uwvzOlmL2Bir0gbAbeCaexK0wzqSkDiIO4WqfK5e_8vUqxPYHBBVKFkD7YtxLJlgN4LiNhwSHWztNo19A3YmUIYUI0KZOHo5AVXvkUvOZKbfXj2myUBRt0Itxs5mQ1h56Y_W3EV3Zm8EhWGTvcV_zuAGSwr5JQ0hwHsHK0glp9wJj1x50cyIdg0D__4xd64AATxD5h2erjol-kPh&cid=CAASKORoNLf8EGZaSZSaMDNZjPl-G3W4DqxVsDmAEpS2dvM38-q121mSGyI&rfl=1%2Chttps%253A%252F%252Fwww.fox13now.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:11:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
799
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 May 2022 04:11:03 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame D9E7 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5osqOi_0ahGHNvHWfWc978wrrW2kHl4Di1wCjw_ykPPdFXd7oL7v8Oy0t0ynckRHCib3KUCOubO-t5U7jQn4HESzjyxlX1LaxqMbvs14qJDp_rdL89tOtOBDmUme6fSUmyrhvFoW8CAP_UH0c8nXBa2cf_g&dbm_d=AKAmf-DfFP1_NDinREjT2KBU3CX83ax4dyQ8TdGkB3OP6GQEqLi9MX0E7nEvQ-4By3_65DQfS6cNXkjptYmX0i_Gk0nhkYeNOI1XpjzxdkVuMiauNE5phCsfqRrBaAhYJ2vqVv9_SQuGJyEZ11JUOah9leq8Gtm8SpADNxBtj3oRLC_wgXmvZgqQpeL_DE63OYXEC4udGjK92BgS2y03Ct5S19fpyH2UleH6y_R0y2DQJfWtPzNw1-LEbwaLFoUToncD0B95VzTkOl0Q-kHVVPOCOw8EK-1VsZaD153VFWuY1Pu7kjnWzGYNXn2IOLTuTChvXnYf21i6SYdSZcChSLkScZDGzKQ2_qFsLw4V0uFQB207yuUnO4PbQodn1Byz_eWY2QPJWkt7PeOyMVfAvBCuLqul5v_WLwMXKqjpTMenQH6pb4mMI-OJLNHkS6M2q_3MERVtQ3Fw2hf2dvxrnqw73_Bb8R2kt2HshEjMSQgfWS9xZf9kLNMvufJNgzjQo15Ly9WEsbzVNlw_9ZnrCe_Yaqhri2ewYuzLozpGdk-fteD3dDx3iMaX4sS9aDX_T4HwaK__zfazt9ykOaOH1pbiVz4DB6by3lJt8PV83JU2fW5Kj9tMwuIx66r_TtdWalc6pyigkAPednz-7Vl7TBJ1W_6N0rLqkfDKxltBCM44SWUhXftN9P3tQXDKiVOOW4UREzOii_UZ88zE-3oMhuUaY2-FImtsLxxgyFTOYQUMlH22JXtcbWff8L3L0HDLkP7pFdQqRahppO-UwDSJH-oYY4wxgDX3JV4e2qHG9mMpm1XTr_o4h6kg1MhJYU4TBahihDjkyZdJvRFcx3IHGfPw_iHv0olNbJK3ip53gzicRTPKrQ9AEYblA0nwzdxES0Rqil_aOYXMKpPsCdMaqfnV1Nseb4eJt4rllcsEXAdC6kBDZazJGLOWKpAtMUUhF7gf0YhSX4ee5AcPIcpcknR5FXFBJdDs83tR83eK1JPnPL4Cd3DkD7FS1B3MrsfGiLf008j7fIX88eEPj_jrvmbYU0z3vQFpEKKyHbcjutGTg8VHoLOXvdy9CUbgaO7MiPFKrKS_JtiEPx_Z7coQ1Zonmi8S0hMesupGCn8gwWy-4XPAaGgYItpWn0NOb6V2ljYOdd3-9jzhIvNM0vDABfzgAqre0UlIFm86nQjAfie-LcIfXTeIf7lMba4gOlKU2nvtX4unW27ONxjvGCZy4n8nF-xqMdHotXdPCqCNJ9qSm9lhnSa_IIgTga2M9H-cj005q_j4TxtGE6wx-3RhallZxHZTgWtdKmo_3U0JkfXGVNkdA6x4OylQuYB7u4YfeCF-4kTHxZJHTvh-SvT4g_0zt4A5z0GTEgOzKibSBidPxZRAhJkapWFp4Yi4XeWA2lvU9DzRw4YdbZslWFBrZpW6o9RGf_U9FyjjbUjtge3enooobp5iGS8GC_I0NjcFJ1xAzQMCgtrd6gYcWyfC6v5pay5aad9aMMbHFeSWEIBlllRiwE5W5TQEmv0XiYoX_i3BHbaUjjduxSWXVM-iX316_WYoGrezWRTBU8QlTXA-LlTiJTHyG8AhXvStE2jgA5MrOC6DY_AQn32Rq3ku_A4oR7FTPs2p3EGwSyvL7AdoKayuBazVa3yr1031cjqWHM-SDPMqBbV-oaaFxcuPWWn1rPMXuOatswUiApvjkZ2i07nEmz-QU9kDqKPgJw4m0VmAZcjYy0_Xo5EC5OHa3YXhSp9pwzYLU2H3b6qCu7OcUki7xVh9TpC0MpdLxGU6v33D6usHjeG7LrCO3efxq9hIQWVwp4KV_G1tzYZP6ne9NAnk01Q4qZL2A8qter6lnyFgk-6UjwtGWHUcOH2xomhVnogT7NIYaX5nKnO3ebASOikK1Wnb2wn_Hx-bsuva6JZeyV_OSwc3YOqkb5ZoT5txqSTYorA2RE4kd30SAm7pqqCmRFyV4U1x4Q00dlEpJhUiLUNn_2dYDCkcWk29quE4cf29Ajy6mxyxeqLd2t_jIAWebtKabgQuKk2EhrK2FnO7-a2PW9zfDyEn2uwNuD1Zi0estYgdNAeMSb212ESZCRwAbHN8_cuwSPtJhKU7_e4GCIfoM4H6DtZOkvJucal9NrzskBMUbCSUXv-COjAyTxBlxHonbPkyGUcUQEw_NElxfCAPF46rn9uYstGHJM4kCpDj-jT9TvDc8OVOEIeju75sas3BLuFKIVNvUUnn2JI3xtSo7ZyqT0O1Z1LiHg5s81rylvCM1YvAlaXzQcHKmOcCu6mclq99IORnUdNPPEw37ADOxET4SRhB0qbNYQBiRg3nSM3dfWPNbRRDMtJvAwJ26UUKQ5CWxl69kedof6yfmwzCYy9WzQTRWaDoPA7NajT75wvqvNnj0A0TRwRzeLpIY4UJ2_16oD4ltUeaJpKNNX2gHI_203-uZZ2xJgPPYGY5GWeS1kK2mVJKAK3wJoePRNxFIbWLiRd1wO8N9-uNI6XAqMAGKm4LlyeGat4QTC8Tsmfeq_ieS0u6pMcp5rHJwVpkh3e5SKWCFAE4e01OAFEFUK2xcONTXXON2MR-zP_GUQCZCQKza18K17gyxql04G0_gyGbaAyuT_eMUW8GqhIjXA7o-lskdcGiKLyfwb7pTxfGBNDviajzOD8s7ve15_wffzCFMy0r_k4VdD86hMA-T6zwKh-iOQZtSKa_ywPblZyIa8GeOi_dMBnkXnZLVNXKFPImKxmrtY16n-EPEs27z61EvIwGj5wl9c8jVsi7VmN13OYBIHTmbTtHspkTEuvYDXHSka_vhQU4-z0-5b-fkuZa1jI6aAXw8zEAxl2JNCBRFXS7z1fCp3zndlVsXjnngTNgsKzLOA6xycwBfquDSH-UiluWQVlPuFS-s_tFAH8_s-vd6HSBC6nVNI60Fz4fIh4Z7kMmnu0WpibIIf0TLiAMsC0_19qWpAeXsT_R_qPKxgUmvXF_pKezfT-sH3i2dZKIM3qnX19GDIPljbena4Tbi54VeeisDXRHVLTm7Lu2Hu6qwA-BXuF6PYGtGaFpj94p7gPFCSYYadnSUU0OHWAlCkCDpzjrd-NSsWMmp7Na3VMacX3dSZY2aa9aBxZDPojwTnY7uwvzOlmL2Bir0gbAbeCaexK0wzqSkDiIO4WqfK5e_8vUqxPYHBBVKFkD7YtxLJlgN4LiNhwSHWztNo19A3YmUIYUI0KZOHo5AVXvkUvOZKbfXj2myUBRt0Itxs5mQ1h56Y_W3EV3Zm8EhWGTvcV_zuAGSwr5JQ0hwHsHK0glp9wJj1x50cyIdg0D__4xd64AATxD5h2erjol-kPh&cid=CAASKORoNLf8EGZaSZSaMDNZjPl-G3W4DqxVsDmAEpS2dvM38-q121mSGyI&rfl=1%2Chttps%253A%252F%252Fwww.fox13now.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:14:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
563
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9783
x-xss-protection
0
server
cafe
etag
9821519945299111448
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 May 2022 04:14:59 GMT
sd
us-u.openx.net/w/1.0/ Frame 1FCC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDjrmuJbYmL320JGeYKttfo&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDjrmuJbYmL320JGeYKttfo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGPz90rUBMAE&v=APEucNWdOGeasM5Uuf8MAbbiKX6VeaHrRkUvnI7Zz_JLXxyk3FWPRAyWqzvBX_E0GvBZ6ifUAobOaVbtIYthBxKZahDd1ixyv84EFfOQx6X2FycbSom_oDX1b6yuovm7mA_G0SrBWNKD1KwpQb-lwlhi6fvyPI1BNB5IWlly7z9b4jGp55EM668
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:22 GMT
via
1.1 google
server
OXGW/18.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDjrmuJbYmL320JGeYKttfo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 1FCC 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGPz90rUBMAE&v=APEucNWdOGeasM5Uuf8MAbbiKX6VeaHrRkUvnI7Zz_JLXxyk3FWPRAyWqzvBX_E0GvBZ6ifUAobOaVbtIYthBxKZahDd1ixyv84EFfOQx6X2FycbSom_oDX1b6yuovm7mA_G0SrBWNKD1KwpQb-lwlhi6fvyPI1BNB5IWlly7z9b4jGp55EM668
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:22 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 1FCC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEEVFUlwBPOckeBqZtWG3MFc&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEEVFUlwBPOckeBqZtWG3MFc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGPz90rUBMAE&v=APEucNWdOGeasM5Uuf8MAbbiKX6VeaHrRkUvnI7Zz_JLXxyk3FWPRAyWqzvBX_E0GvBZ6ifUAobOaVbtIYthBxKZahDd1ixyv84EFfOQx6X2FycbSom_oDX1b6yuovm7mA_G0SrBWNKD1KwpQb-lwlhi6fvyPI1BNB5IWlly7z9b4jGp55EM668
Protocol
H2
Server
104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-28-165.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:22 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 02 May 2022 04:24:22 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEEVFUlwBPOckeBqZtWG3MFc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 1FCC 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGPz90rUBMAE&v=APEucNWdOGeasM5Uuf8MAbbiKX6VeaHrRkUvnI7Zz_JLXxyk3FWPRAyWqzvBX_E0GvBZ6ifUAobOaVbtIYthBxKZahDd1ixyv84EFfOQx6X2FycbSom_oDX1b6yuovm7mA_G0SrBWNKD1KwpQb-lwlhi6fvyPI1BNB5IWlly7z9b4jGp55EM668
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-28-165.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:22 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 02 May 2022 04:24:22 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 0706
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDjrmuJbYmL320JGeYKttfo&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDjrmuJbYmL320JGeYKttfo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGPH-0rUBMAE&v=APEucNWnHCM_vCfIvjzXPx5kiQkwoqQs-nkwZvajYf5tXS80OFDcfXODxnaZNF9az5c3W8Gfy0oRZmYRMQaTlTjsw2QhN5vDFmPUBfK231MPp0kI4Co1RcwwB7mA0l71D-iS-QNqY0Dc8wQ2afId21joszSdkUvHo7OhUWUGWjhZQUfA5PHKJyY
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:22 GMT
via
1.1 google
server
OXGW/18.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDjrmuJbYmL320JGeYKttfo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 0706 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGPH-0rUBMAE&v=APEucNWnHCM_vCfIvjzXPx5kiQkwoqQs-nkwZvajYf5tXS80OFDcfXODxnaZNF9az5c3W8Gfy0oRZmYRMQaTlTjsw2QhN5vDFmPUBfK231MPp0kI4Co1RcwwB7mA0l71D-iS-QNqY0Dc8wQ2afId21joszSdkUvHo7OhUWUGWjhZQUfA5PHKJyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:22 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 0706
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEEVFUlwBPOckeBqZtWG3MFc&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEEVFUlwBPOckeBqZtWG3MFc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGPH-0rUBMAE&v=APEucNWnHCM_vCfIvjzXPx5kiQkwoqQs-nkwZvajYf5tXS80OFDcfXODxnaZNF9az5c3W8Gfy0oRZmYRMQaTlTjsw2QhN5vDFmPUBfK231MPp0kI4Co1RcwwB7mA0l71D-iS-QNqY0Dc8wQ2afId21joszSdkUvHo7OhUWUGWjhZQUfA5PHKJyY
Protocol
H2
Server
104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-28-165.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:22 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 02 May 2022 04:24:22 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEEVFUlwBPOckeBqZtWG3MFc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 0706 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGPH-0rUBMAE&v=APEucNWnHCM_vCfIvjzXPx5kiQkwoqQs-nkwZvajYf5tXS80OFDcfXODxnaZNF9az5c3W8Gfy0oRZmYRMQaTlTjsw2QhN5vDFmPUBfK231MPp0kI4Co1RcwwB7mA0l71D-iS-QNqY0Dc8wQ2afId21joszSdkUvHo7OhUWUGWjhZQUfA5PHKJyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-28-165.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:22 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 02 May 2022 04:24:22 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame AE50 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
Origin
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 16:41:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42196
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 May 2022 16:41:06 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/ Frame AE50 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AsYgSxtywMOWhO-CGiGve61KgzLk9dZwbd-w4ygradIdId58TKfBl1PMAM8thh_qhRKfq-bnyeqSeFRkjju5cBNMRDO98OMLlj__8Ii_GyCR2E87mI2TadNyTpbHbwJxWOies5ha8KIiPH4fOD6jfW3A-Btg&dbm_d=AKAmf-ACgbm1eekfInFxgCZdlqGHHvABfpki4RQO6z5KXfUE4AoB9C8BX5vf-TxjL3wQTQ3ErV25_jA_-T4nHlZFvWM5hB55nZJ4zPNL6w08-ME7nB4kzUxt5qQaXBunuxM3Bul5S7RtEooqy5bWMBJ39F3NaxiRVmWRWACCJ8K0Y_R8ZVPYi7Qdpmhm8lmBRfTzc4YKwSgQN8gnjs9QSKQ9GMoMRtkjH_FAr0np7O8am180zyVVXM6yZwutwl4AvUMgzsbZ-PGSG9P6dzJLu0n4F4owa_5MAp--EcROLzN2KnH0bgkpKAWXkcGdmGjPqIs_QvP7jB0-1AHGMaxddC7F1G6I6KCZgvMYhGb_ET0qVPxiwZ51YZtphlJOhzhm8fRUHn2hOkiSfraXorso74la4OFyJW7w3mmz2zXsULHHI4wKlUfeP2PbKnenI1HUL1WAJqD4usMEd4bc435Uco1sFRpG_RVN6EXDMH0ZQZ_eqY-9KUbof5d9t328WEStU9EdeaMTJ3eujnGuXq6QUofX1uCMrr70apFjMBCrUW5eZAv0Rw8LOYH9IVpjOsInQoBjf1Sp8mo2gY8kiIcBxcRd0zttdWhIlZsgeJI4a0SYI0MAZeHk2DKM-Xt6CiElTnRGODuxDNYcMksPnEU1WeMR79DH_NBKONfxQXRflYiAKagURTcZyJUR7f63xy3NGAPrCDuhzapvrUA0u3pw5v62XURKIs5_0vqsyy3S7R59DJGqXEC_qsxmWp_B9_mUObAvWo1GoKbRMjqLzRjSqkiPBvblUdCyrLyEMVFFOLHem1BCMbhH7eEHSiHmMiw6O7SeCZ57QWbSgtppmQxHL0wEbu5OqkxAuQ8SzsojGGarMqfXhGJHqA2e4YvH8vZB0b0gGFYI6Dt7VBerZuzukTwVDCGjrUpl_VNjSx09q2I5NAGJK2irUOpcu4BaaMYuhrUdu6PhDNi9sLeJgo_z62EwBdzEWrd1EWlXRcKnbc-T5Nofo0vjesyXQWEvIVh2bs35ZQ8F1KcOi7fCtqKTzS3Z0hhrsUAVqq20q5_rEHuNYSjhQupn4Tj240xJYzkTvEsI0Vm_xPiiCJsajT_omyYVhQYTx46Q96vLahIakZSKPHhjOHDTUnROsW3Dpfb9FHv5TUMo7R55oTYJXB_xBN8qC9v7Tn_QAmhR2LhveXolbVXWW0g7Wc5ZgT3TWZTpFZsCkXqO4dIGxUQL04Fh47TlD2lFN9cpK3U6y2K_ox0Eub8xMmYzNKOHM7-bKf1YX3v7ZEhXUqWjvJ9OtMrmfnrVPEyLGpItA_EBu4Q6qrLJ9LPBNkBMomgnFOZwONGWgenNxqeaHegBKatbkIgBIP0vWFr9Nbs-Me2oJpPcT5DitZb9XESgbJ3DKbfrT0bL4JoZQxG8VZ6EGdub7w2TByjXScQOYuy78rAsWxS3tewosmbeg637pImSXBLcsF71fiztp5mTbyLc8wq0gxV6cMJtkQeQBUWZhTVbD0fupoI_bu3rKwpgne3sd7BSRGmqSytf7HT2noBfnlgfmA4QMPeuhk8G2puRQh1xvf7c9Q0IqAoqT9o4BMvcGXRVzObbYc0cAfYY6zMhYOG8W-tQInE0KzRwFYhJN7x76pqQVpJEBZzkDTCPvg-XBFvxMLStXxJlRHXjMFWf0Ko3xfpMVXRGsBsKpzXsk-yXriELYgOSvvUn1NUUWeZI_pxiRJJ9DTjd3X1R1jVKJDw9nlP9CdPTuJUcvYoUFes7DrW9-sYE7JbfbTBfm6zU9vTx-YAZq75BKOyf47r2XoX7R85CIrhy3A3sCbCmTYYrViesf6MGNF_xjU6ExGD2RHjIofY3AjjzxiW2TRS60EXH_u29GillvGf1vplh-OZkA0zuTajtIJy8lZsrfzdDjAhJcqsG0b6JEcICsWHNAVyYPwq699NqMZxN_BVwWVpgNlPF15hI6QA0rGnbemRb0NkKZZ7saOnxL4wVNnHMeP2RKORF-EUtyGZT1JdNISoa0eaTl37XM8L4A2tT9OzsIExoUr2HoRVSKGrSFh1kMLvf3G8BH_X9iPl_oH_VayKEx1os5X6mZymlUGI9CmUAH9NFEWVcZWFo_OHIF8aF_JSU3MLxMXteg4XVS_p2GJkF8c5vLrVZFF0uOYrK_mlnbbVtci8WgUUmk5KdxfeueB5vL_yMmeo01kesGAjZy1AXWxX_fbiIbWJ73Ik-TzxpIIWx0M42S_skjMAz1rnKUY7Fi3RICnUNcTk4bRAzGzI3wHX7rk8lha6pMayvBLB6uLVMZq5fviEfGP9YSohugoE_BXRqCypiU26OXrGRVRhUEk-i4N4I_n77Gwv8LCFaZddIxwcOybDGUKVLH9eBuAMRVsAAYlcnLi9Jk-gdItrI8FHaMx6VsXVMCj0eB0QDtOInjMhyuND5n3KrDEd25Wg9-aXe4CmWUVlYokoWrV9eLKwcTt-kpZXAHi7I4SRXCfoTx-a88NABnGaB6GiaN8slSWdWW3RIcPv548d-rjtdpsCb1SBpAyecpoTtPepshfIY1soVri9FkrAoziUZGm8ciUdC2-6YIaqMbk2ZRVUfBhXbV-hGOW_NzSDlDDMhnGAmi2mGHB-JQlOfZ6qsTEGmAf9OqxQ8u0y1Vbg0RNgAuRW29w-Cx000Mb8cJpW1j0G9S9WFfzg6QF_wqOL5nWwMUPepaLiY8VfjHwVg5LdGg6ITCH4HmAba_Bvbyxe4ueu6AXEUNSSQbb639KiL-aptdQsuF0uJjMHGRaBERIQHRLvC7NbAOvzyu7m7dKEHpVQZo3bG3zw1pUTmLA_qsiMenzbSNoq4PGcndiw6T6UW9QECtKz7iadExyaxA5hab48Vm6SjRuoXpCOpAeQXPR6UKAqsxgxGQneEJGrSS6HcA7EZs-hLAwbPYhOM-2NSn_rrsaOPgcQCQp7896XHluxqFyxoxA4hv2zYiVtTHFzlmQKWgb8oLGxmeugyoTsYb2dr8tRpichRfjPlUrRbZnNHSJjJrmQfRV0mF0ptnHaqEphtMgxCpJ4D62gvBX3xw0_c7D_BUBRvHKoKOZSdTTTpLRsHvvNYfpnTDnrC1Ao25olBJ1L_6E8r6egtE54&cid=CAASJ-RoJHJQAkiXQpZchQ-3H2PbzaS5waDBfnKGiLfT2P46swRhu8HPaA&rfl=1%2Chttps%253A%252F%252Fwww.fox13now.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:11:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
799
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 May 2022 04:11:03 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame AE50 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AsYgSxtywMOWhO-CGiGve61KgzLk9dZwbd-w4ygradIdId58TKfBl1PMAM8thh_qhRKfq-bnyeqSeFRkjju5cBNMRDO98OMLlj__8Ii_GyCR2E87mI2TadNyTpbHbwJxWOies5ha8KIiPH4fOD6jfW3A-Btg&dbm_d=AKAmf-ACgbm1eekfInFxgCZdlqGHHvABfpki4RQO6z5KXfUE4AoB9C8BX5vf-TxjL3wQTQ3ErV25_jA_-T4nHlZFvWM5hB55nZJ4zPNL6w08-ME7nB4kzUxt5qQaXBunuxM3Bul5S7RtEooqy5bWMBJ39F3NaxiRVmWRWACCJ8K0Y_R8ZVPYi7Qdpmhm8lmBRfTzc4YKwSgQN8gnjs9QSKQ9GMoMRtkjH_FAr0np7O8am180zyVVXM6yZwutwl4AvUMgzsbZ-PGSG9P6dzJLu0n4F4owa_5MAp--EcROLzN2KnH0bgkpKAWXkcGdmGjPqIs_QvP7jB0-1AHGMaxddC7F1G6I6KCZgvMYhGb_ET0qVPxiwZ51YZtphlJOhzhm8fRUHn2hOkiSfraXorso74la4OFyJW7w3mmz2zXsULHHI4wKlUfeP2PbKnenI1HUL1WAJqD4usMEd4bc435Uco1sFRpG_RVN6EXDMH0ZQZ_eqY-9KUbof5d9t328WEStU9EdeaMTJ3eujnGuXq6QUofX1uCMrr70apFjMBCrUW5eZAv0Rw8LOYH9IVpjOsInQoBjf1Sp8mo2gY8kiIcBxcRd0zttdWhIlZsgeJI4a0SYI0MAZeHk2DKM-Xt6CiElTnRGODuxDNYcMksPnEU1WeMR79DH_NBKONfxQXRflYiAKagURTcZyJUR7f63xy3NGAPrCDuhzapvrUA0u3pw5v62XURKIs5_0vqsyy3S7R59DJGqXEC_qsxmWp_B9_mUObAvWo1GoKbRMjqLzRjSqkiPBvblUdCyrLyEMVFFOLHem1BCMbhH7eEHSiHmMiw6O7SeCZ57QWbSgtppmQxHL0wEbu5OqkxAuQ8SzsojGGarMqfXhGJHqA2e4YvH8vZB0b0gGFYI6Dt7VBerZuzukTwVDCGjrUpl_VNjSx09q2I5NAGJK2irUOpcu4BaaMYuhrUdu6PhDNi9sLeJgo_z62EwBdzEWrd1EWlXRcKnbc-T5Nofo0vjesyXQWEvIVh2bs35ZQ8F1KcOi7fCtqKTzS3Z0hhrsUAVqq20q5_rEHuNYSjhQupn4Tj240xJYzkTvEsI0Vm_xPiiCJsajT_omyYVhQYTx46Q96vLahIakZSKPHhjOHDTUnROsW3Dpfb9FHv5TUMo7R55oTYJXB_xBN8qC9v7Tn_QAmhR2LhveXolbVXWW0g7Wc5ZgT3TWZTpFZsCkXqO4dIGxUQL04Fh47TlD2lFN9cpK3U6y2K_ox0Eub8xMmYzNKOHM7-bKf1YX3v7ZEhXUqWjvJ9OtMrmfnrVPEyLGpItA_EBu4Q6qrLJ9LPBNkBMomgnFOZwONGWgenNxqeaHegBKatbkIgBIP0vWFr9Nbs-Me2oJpPcT5DitZb9XESgbJ3DKbfrT0bL4JoZQxG8VZ6EGdub7w2TByjXScQOYuy78rAsWxS3tewosmbeg637pImSXBLcsF71fiztp5mTbyLc8wq0gxV6cMJtkQeQBUWZhTVbD0fupoI_bu3rKwpgne3sd7BSRGmqSytf7HT2noBfnlgfmA4QMPeuhk8G2puRQh1xvf7c9Q0IqAoqT9o4BMvcGXRVzObbYc0cAfYY6zMhYOG8W-tQInE0KzRwFYhJN7x76pqQVpJEBZzkDTCPvg-XBFvxMLStXxJlRHXjMFWf0Ko3xfpMVXRGsBsKpzXsk-yXriELYgOSvvUn1NUUWeZI_pxiRJJ9DTjd3X1R1jVKJDw9nlP9CdPTuJUcvYoUFes7DrW9-sYE7JbfbTBfm6zU9vTx-YAZq75BKOyf47r2XoX7R85CIrhy3A3sCbCmTYYrViesf6MGNF_xjU6ExGD2RHjIofY3AjjzxiW2TRS60EXH_u29GillvGf1vplh-OZkA0zuTajtIJy8lZsrfzdDjAhJcqsG0b6JEcICsWHNAVyYPwq699NqMZxN_BVwWVpgNlPF15hI6QA0rGnbemRb0NkKZZ7saOnxL4wVNnHMeP2RKORF-EUtyGZT1JdNISoa0eaTl37XM8L4A2tT9OzsIExoUr2HoRVSKGrSFh1kMLvf3G8BH_X9iPl_oH_VayKEx1os5X6mZymlUGI9CmUAH9NFEWVcZWFo_OHIF8aF_JSU3MLxMXteg4XVS_p2GJkF8c5vLrVZFF0uOYrK_mlnbbVtci8WgUUmk5KdxfeueB5vL_yMmeo01kesGAjZy1AXWxX_fbiIbWJ73Ik-TzxpIIWx0M42S_skjMAz1rnKUY7Fi3RICnUNcTk4bRAzGzI3wHX7rk8lha6pMayvBLB6uLVMZq5fviEfGP9YSohugoE_BXRqCypiU26OXrGRVRhUEk-i4N4I_n77Gwv8LCFaZddIxwcOybDGUKVLH9eBuAMRVsAAYlcnLi9Jk-gdItrI8FHaMx6VsXVMCj0eB0QDtOInjMhyuND5n3KrDEd25Wg9-aXe4CmWUVlYokoWrV9eLKwcTt-kpZXAHi7I4SRXCfoTx-a88NABnGaB6GiaN8slSWdWW3RIcPv548d-rjtdpsCb1SBpAyecpoTtPepshfIY1soVri9FkrAoziUZGm8ciUdC2-6YIaqMbk2ZRVUfBhXbV-hGOW_NzSDlDDMhnGAmi2mGHB-JQlOfZ6qsTEGmAf9OqxQ8u0y1Vbg0RNgAuRW29w-Cx000Mb8cJpW1j0G9S9WFfzg6QF_wqOL5nWwMUPepaLiY8VfjHwVg5LdGg6ITCH4HmAba_Bvbyxe4ueu6AXEUNSSQbb639KiL-aptdQsuF0uJjMHGRaBERIQHRLvC7NbAOvzyu7m7dKEHpVQZo3bG3zw1pUTmLA_qsiMenzbSNoq4PGcndiw6T6UW9QECtKz7iadExyaxA5hab48Vm6SjRuoXpCOpAeQXPR6UKAqsxgxGQneEJGrSS6HcA7EZs-hLAwbPYhOM-2NSn_rrsaOPgcQCQp7896XHluxqFyxoxA4hv2zYiVtTHFzlmQKWgb8oLGxmeugyoTsYb2dr8tRpichRfjPlUrRbZnNHSJjJrmQfRV0mF0ptnHaqEphtMgxCpJ4D62gvBX3xw0_c7D_BUBRvHKoKOZSdTTTpLRsHvvNYfpnTDnrC1Ao25olBJ1L_6E8r6egtE54&cid=CAASJ-RoJHJQAkiXQpZchQ-3H2PbzaS5waDBfnKGiLfT2P46swRhu8HPaA&rfl=1%2Chttps%253A%252F%252Fwww.fox13now.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:14:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
563
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9783
x-xss-protection
0
server
cafe
etag
9821519945299111448
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 May 2022 04:14:59 GMT
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 6655 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
Origin
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 16:41:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42196
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 May 2022 16:41:06 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/ Frame 6655 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsSIr6nrguwv5UZBT3VtDR1FEpQl8e9afcsg6nhbF5iZIXtGPlhjPJjIR88LOYCX4gFfwr_SI7P_2sXTzVfBUC7twrQqhkU_qH_NnCioQLUExUJ1X_ZP8Sm6qhszN7n4wLE40Yvray5kILTR8MTZoMLCzoMg&dbm_d=AKAmf-B_Pc99jkPDHRD1WMwhAALOoNGIjJLGEUu64zEs_BEXeCu9qNydZYJYDOIV4gaCZDSZKRzo7w7yl4fvyOcNzfVAJbNsMaVx0P8dYE26oqXzDiTMTLBWkhX3Qj_ZweTQBp6ujs3HZ_io2_hriaiAJkMzNm5XPeCeOrYc_LJoEkzdb39DldehdgT7gf3Rj9ro0TMUfYznNvb5hWxtjzpG17cjAQuC0nChnkD1qZxSCVbLt38ISqYxPDs3auIkmI9kbavMOeO_UitwCOyEAYszYmciKA2bNjQen-XAZx0UO5NhQAf2m9k_p1e-tyWD_FK6QfHzSsniVmB764adMlWc_fKw4r9Q4s4uiNjp6Ca87I82tXmdPVC8PkPSdnXl-tmrNWRJThxGVY3ISu1aw86IiL8pW1Ounx4dpKYDfLDlmEfcaEAO0pynwAlpJG5fq79Xb70Ae-o8oqxC02kYg8MJoI64jQ_y0WA1W7m-CgYRP5IvdOHClsyl4lr6WljEUaRWZmtuY6dodAsHj1DUPLkiw1UXl48qnvc99wIvL6ntR6DtjItqcByz74NIvSHUbhxr6Mcpyjdc1wQNTE5ffwRH1VP8ZNaj0gECZ3nJlmS_HIfsRG-cv0aY1mG0XOmyDfh1foK6MpZ6vR_Dnk8OqK46sHCpZODfDLSra2xjQ_NmlGzxGyv2m-R-hQdbeq0hHyb9yKPBnRwiHHLLH_XsIirPt3vZra-eo4IyoIDHdzHa7BItqSYMs3bEk1viug7m7X4P3wwfVPqwcbo6e7XrrH3IKBd2xfpY0_PnczcEfO7Ph-RqErolSt5t4IHlfDVnmJEJyl3c4Z3fGsr-_CoRBXzpW06DGzOBaSRpdj88tZ2Wf2uoBV6pnSnJrfLhAI84tzdgdS_s6lzce6GQgOtb1mWPZUjSoYZ7Vz67XbhfRSs2EGZUjaw4l1QRLv5XQZ2VTu-4D2tYonS8VNktAl0ZfXUgHF4e_nNN5pNlkLLrvwIYd3p7lBjQNE8D8jFs0lNBKgA282gXQbDo0GSuZLfvx5JfHdk2j_88Zh0CwLNaU_KcT9qQzL-g2iftUAFafIUpXhiqSZDX-5J6wRDpeCvlQf3I_K4xl-GFtLs6pm1bSzowV2qYLhfO9ho3yLN5gJqt_doRdXJyKXMv2-ySWvCjv_cCcxNFWfc5DAhya9CPTKN8-ssu1twXNrT0fHiUjZzqU-_gnhCpYX5bozWXNyc_CiZeQsUf9DRHNXL8jM1dMfmVSkTPxK7Z2gEDejShaTmAlMid4cxsM0VT3TlshCIiSzsYg3Kq0kG9dKwSyRVPQBJBqSltbL0KRfqXcz7Cib2k2kjIAG7H0RykDU4NyyDeD5MbGBnkmCY8GC7hOcLb6eq4p0G2OflsU5CQrlx_h9UADGIa0Y_p1hmExxR1DMlXfWegPDA6ZfCMGVNUnCsNVHrTLTjc2UL63CDYQbJIa0G0-v2nxXMqxe7wdexDek9ZNeiMyh1jliwpS4YAX3rvxPA3zlB-jWEnPCU2T8LXr3-5hI7sCrNYaiyFG-ktErgo0MeIb3hp3U0HHCVxiD0JxHMc-CimAr8x3W0lNoEc3iNZ0sHxCWkv-AoUG2VR12LScEuHgn9ZHUXglPBO9HRr-aSwbc0YgrQzx9xzAj0mUu8fHE3yPtvrSwB4AZSRmoI7AOc-WgqwKT3GTbbRIJyNDSnuQVoYLbBJwDTyH-YUUo10f7Fu00b2oq5NzFLlLCsVw1l3cBo4PvQBer08BPb7e38evWcvtev2H4qtGf7JVqgWmfAvH46Nknh6_5T3Yi1hyAJwDK_yS1pG_W32b-zp9x5l9FibrSpIuBvO5CVGrbcerTHWItjkNwAPnQn1RWXtFmPEdxBvDwTCUVZLgXxuvrt2iaRfZjQ22Wav8ZNAYjNbbB74zCy1QFPR57GHfUv2e1daNPmx-dxwKIGcKq3sCOsKcxWRIfveHCZkD0aLdMTxjJOKibVMkdp4cBQZqyDsR0_bswMFQ5nV2XEsOjYLpV8kCfPjHo-C6a_kA5AVAaXyFCHWOnPft9Il9NoyXXcYq8Ho0SsowDRKIG-2Y4mfOkbWV8lEt2qhtYIl9fRjTF8Ejn_VUehHnrCSKUme4G8DAXAvlXFNRkUa_iUVqSnuKepX_A59x_W7I0Fyzc065e3u687FLwQ7TKM85xikvPKr0mz1F15XjsWvy0UjuSlmIFG5GC7gWa6ll7D3vdyIEhw7KT7hmyQj-b5EsETBmNVv2yc5T0Lh-tk3-OesuV7d6r-QmFJ-ynikT7GIPvIuYXJJJpkWdwpfak6kYtK0Nb-eGrKJZdvQQcKftvjs0NiBNRFzqV3Yw1Bm3JcUsPYZEglYPNUeVZU7ZU7FxQ9Z6phQMNq4lQP78z0ylXqEUBlwVuwyBtE3QQR750XSqgZRa2uL0WX15LrfoN-yIzGSL1VTY0A7lkvx8pU7HpowSnlrscjbFoQZH00SfSTwP9UDHIIwXhozz2UbiYDy256RF6roGFOZBqgFkzS1YN8OcHUy_WEeB-BfsT_CqopXAkWGPnklVWngRP_PH1EfrHiLl1vZmQnXboU60lEyXXRWUedrhUEpZmJH5dB_uKyxqyh6jrsEdS8h_OrhbN8_b9g_KEXNu8ywi4cT6vOb9qCyDoqf-lL5GA-vXsn7Tp0S2UOdN_gE8M_3hbMrdgNgsXVkO-m08ZxhnSkmLmgn6juo9ej5qa7buE_0E4cHpH5yGRvZJKXP7_AEiveQOKmg5tTKryGHikMR9J_xWGWlH_M6mnAT_58dO04GJ1QMW7ArffYmMekNBI794KsyfxhRd8yIbk9nw0MflQXv0JY1xND6EgYcDcgXSKcTNwnAoBd8cakSOWY6q9J7SdoZT2ylOl4G7sJuXq33r0X0JvskQBTr2ONQ00wB5xWeypPQ98HB75rciBZMBZbmhWwHtNLIlKp6fvE09w3H-mmVS-nQph4CSsLryMasQKm19SBqpYMYv5PToy2K6jtm_txO4q9PJV0kT238Rk5Lkw7oE-I6FDUAwRFEdXa2yg1BMq4CP5kFcZMBIj8m4lm6FZNNetLg_0YzLfV-bCqLFDuosah9IpX0txR8wrvaQFRcO7Duk2zs24_HsOQUZJ2EkQX3TVGk&cid=CAASJ-RoghXy4gO2GG_SSmDY30P2DOxN_xKpJ7w_9vrswB3jaOHCUsKeyQ&rfl=1%2Chttps%253A%252F%252Fwww.fox13now.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:11:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
799
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 May 2022 04:11:03 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 6655 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsSIr6nrguwv5UZBT3VtDR1FEpQl8e9afcsg6nhbF5iZIXtGPlhjPJjIR88LOYCX4gFfwr_SI7P_2sXTzVfBUC7twrQqhkU_qH_NnCioQLUExUJ1X_ZP8Sm6qhszN7n4wLE40Yvray5kILTR8MTZoMLCzoMg&dbm_d=AKAmf-B_Pc99jkPDHRD1WMwhAALOoNGIjJLGEUu64zEs_BEXeCu9qNydZYJYDOIV4gaCZDSZKRzo7w7yl4fvyOcNzfVAJbNsMaVx0P8dYE26oqXzDiTMTLBWkhX3Qj_ZweTQBp6ujs3HZ_io2_hriaiAJkMzNm5XPeCeOrYc_LJoEkzdb39DldehdgT7gf3Rj9ro0TMUfYznNvb5hWxtjzpG17cjAQuC0nChnkD1qZxSCVbLt38ISqYxPDs3auIkmI9kbavMOeO_UitwCOyEAYszYmciKA2bNjQen-XAZx0UO5NhQAf2m9k_p1e-tyWD_FK6QfHzSsniVmB764adMlWc_fKw4r9Q4s4uiNjp6Ca87I82tXmdPVC8PkPSdnXl-tmrNWRJThxGVY3ISu1aw86IiL8pW1Ounx4dpKYDfLDlmEfcaEAO0pynwAlpJG5fq79Xb70Ae-o8oqxC02kYg8MJoI64jQ_y0WA1W7m-CgYRP5IvdOHClsyl4lr6WljEUaRWZmtuY6dodAsHj1DUPLkiw1UXl48qnvc99wIvL6ntR6DtjItqcByz74NIvSHUbhxr6Mcpyjdc1wQNTE5ffwRH1VP8ZNaj0gECZ3nJlmS_HIfsRG-cv0aY1mG0XOmyDfh1foK6MpZ6vR_Dnk8OqK46sHCpZODfDLSra2xjQ_NmlGzxGyv2m-R-hQdbeq0hHyb9yKPBnRwiHHLLH_XsIirPt3vZra-eo4IyoIDHdzHa7BItqSYMs3bEk1viug7m7X4P3wwfVPqwcbo6e7XrrH3IKBd2xfpY0_PnczcEfO7Ph-RqErolSt5t4IHlfDVnmJEJyl3c4Z3fGsr-_CoRBXzpW06DGzOBaSRpdj88tZ2Wf2uoBV6pnSnJrfLhAI84tzdgdS_s6lzce6GQgOtb1mWPZUjSoYZ7Vz67XbhfRSs2EGZUjaw4l1QRLv5XQZ2VTu-4D2tYonS8VNktAl0ZfXUgHF4e_nNN5pNlkLLrvwIYd3p7lBjQNE8D8jFs0lNBKgA282gXQbDo0GSuZLfvx5JfHdk2j_88Zh0CwLNaU_KcT9qQzL-g2iftUAFafIUpXhiqSZDX-5J6wRDpeCvlQf3I_K4xl-GFtLs6pm1bSzowV2qYLhfO9ho3yLN5gJqt_doRdXJyKXMv2-ySWvCjv_cCcxNFWfc5DAhya9CPTKN8-ssu1twXNrT0fHiUjZzqU-_gnhCpYX5bozWXNyc_CiZeQsUf9DRHNXL8jM1dMfmVSkTPxK7Z2gEDejShaTmAlMid4cxsM0VT3TlshCIiSzsYg3Kq0kG9dKwSyRVPQBJBqSltbL0KRfqXcz7Cib2k2kjIAG7H0RykDU4NyyDeD5MbGBnkmCY8GC7hOcLb6eq4p0G2OflsU5CQrlx_h9UADGIa0Y_p1hmExxR1DMlXfWegPDA6ZfCMGVNUnCsNVHrTLTjc2UL63CDYQbJIa0G0-v2nxXMqxe7wdexDek9ZNeiMyh1jliwpS4YAX3rvxPA3zlB-jWEnPCU2T8LXr3-5hI7sCrNYaiyFG-ktErgo0MeIb3hp3U0HHCVxiD0JxHMc-CimAr8x3W0lNoEc3iNZ0sHxCWkv-AoUG2VR12LScEuHgn9ZHUXglPBO9HRr-aSwbc0YgrQzx9xzAj0mUu8fHE3yPtvrSwB4AZSRmoI7AOc-WgqwKT3GTbbRIJyNDSnuQVoYLbBJwDTyH-YUUo10f7Fu00b2oq5NzFLlLCsVw1l3cBo4PvQBer08BPb7e38evWcvtev2H4qtGf7JVqgWmfAvH46Nknh6_5T3Yi1hyAJwDK_yS1pG_W32b-zp9x5l9FibrSpIuBvO5CVGrbcerTHWItjkNwAPnQn1RWXtFmPEdxBvDwTCUVZLgXxuvrt2iaRfZjQ22Wav8ZNAYjNbbB74zCy1QFPR57GHfUv2e1daNPmx-dxwKIGcKq3sCOsKcxWRIfveHCZkD0aLdMTxjJOKibVMkdp4cBQZqyDsR0_bswMFQ5nV2XEsOjYLpV8kCfPjHo-C6a_kA5AVAaXyFCHWOnPft9Il9NoyXXcYq8Ho0SsowDRKIG-2Y4mfOkbWV8lEt2qhtYIl9fRjTF8Ejn_VUehHnrCSKUme4G8DAXAvlXFNRkUa_iUVqSnuKepX_A59x_W7I0Fyzc065e3u687FLwQ7TKM85xikvPKr0mz1F15XjsWvy0UjuSlmIFG5GC7gWa6ll7D3vdyIEhw7KT7hmyQj-b5EsETBmNVv2yc5T0Lh-tk3-OesuV7d6r-QmFJ-ynikT7GIPvIuYXJJJpkWdwpfak6kYtK0Nb-eGrKJZdvQQcKftvjs0NiBNRFzqV3Yw1Bm3JcUsPYZEglYPNUeVZU7ZU7FxQ9Z6phQMNq4lQP78z0ylXqEUBlwVuwyBtE3QQR750XSqgZRa2uL0WX15LrfoN-yIzGSL1VTY0A7lkvx8pU7HpowSnlrscjbFoQZH00SfSTwP9UDHIIwXhozz2UbiYDy256RF6roGFOZBqgFkzS1YN8OcHUy_WEeB-BfsT_CqopXAkWGPnklVWngRP_PH1EfrHiLl1vZmQnXboU60lEyXXRWUedrhUEpZmJH5dB_uKyxqyh6jrsEdS8h_OrhbN8_b9g_KEXNu8ywi4cT6vOb9qCyDoqf-lL5GA-vXsn7Tp0S2UOdN_gE8M_3hbMrdgNgsXVkO-m08ZxhnSkmLmgn6juo9ej5qa7buE_0E4cHpH5yGRvZJKXP7_AEiveQOKmg5tTKryGHikMR9J_xWGWlH_M6mnAT_58dO04GJ1QMW7ArffYmMekNBI794KsyfxhRd8yIbk9nw0MflQXv0JY1xND6EgYcDcgXSKcTNwnAoBd8cakSOWY6q9J7SdoZT2ylOl4G7sJuXq33r0X0JvskQBTr2ONQ00wB5xWeypPQ98HB75rciBZMBZbmhWwHtNLIlKp6fvE09w3H-mmVS-nQph4CSsLryMasQKm19SBqpYMYv5PToy2K6jtm_txO4q9PJV0kT238Rk5Lkw7oE-I6FDUAwRFEdXa2yg1BMq4CP5kFcZMBIj8m4lm6FZNNetLg_0YzLfV-bCqLFDuosah9IpX0txR8wrvaQFRcO7Duk2zs24_HsOQUZJ2EkQX3TVGk&cid=CAASJ-RoghXy4gO2GG_SSmDY30P2DOxN_xKpJ7w_9vrswB3jaOHCUsKeyQ&rfl=1%2Chttps%253A%252F%252Fwww.fox13now.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:14:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
563
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9783
x-xss-protection
0
server
cafe
etag
9821519945299111448
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 May 2022 04:14:59 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D9E7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 16:41:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
474196
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 16:41:06 GMT
dv-measurements2678.js
cdn.doubleverify.com/ Frame 4AAE 		528 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements2678.js
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8fe183489de72525abe6b8f3bbb947df24bc4de92c6b0b6b7c30f699b973c66c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 04:24:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 26 Apr 2022 08:03:43 GMT
Server
Microsoft-IIS/10.0
ETag
"80d98b254459d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
99728
truncated
/ Frame D9E7 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c500edeb1c43fdd3612981462f0add5bbe11e440b7d7456c09506aa592f6826a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/6115741928127463424/DE/ Frame DD5F 		96 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/index.html?e=69&leftOffset=0&topOffset=0&c=DmDh6tSodU&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
774d6a8896ca4dfa0b713bf2bcdeef001fad90a318b69f3127b8224563fbe5ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 04:24:22 GMT
expires
Tue, 02 May 2023 04:24:22 GMT
last-modified
Fri, 01 Apr 2022 09:50:01 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D9E7 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvEDfhLX8CS0H_4IE5wL2uLmZUjz8aMPPdqbSiQpwW2qpk87WzH9zyBcF2ru5Bbr66KXnp_EysqzFLTq5qMGTPP63SiCa_qUjI4mC-_D-XxHo1LJdEw41WLiqbsPgmvP0j5shscL9x4aTjVwJNPNcdJ1drFWHdDkhrycrAaY59FjBwXMjLkflrwq-eYccKd5xhdijziU4y82Trb4aB9fRMNejKVDMQFzA1SLGO8sHzLQ1OBINN4WYfNtrDp9b8K_v51TO9V_h4bn9ybzBDmqZs1VtJ-GAuZ25RS2ToXYLAJgb3gG08n_oI7IaehqmAzi7AUGIfxbH8xN9cCzNKtjY0Zo7fZQ1yhGMvw-4X0RDHEYpF-nv3v6_SACgEGC0xvY1VdhEmc-ZjvnAW3RUJ1_Gm6fGJisIFtKQzwLY6427Fczm0m7XmFrf22K-Ep_RdDPVplWXWJK-cYIlZvqboY4wwtoOZ_jcugfozRZmlQ2CdWkPiCVH4-kuO_fnS0r4FcZtkOI4OT-Vc_42SC1bEQmCL9PlQhtnzy9c9x81UTjloJgtnv3jPIODsKIdX6_aXeWV81CPvG94kQC6Xipy1DBxwmCNg4FFmwvcAC7w0ygL6QNL9WBodzc0mHTGzuucq6W3Sxls7dbdE05LxiRutv4B4OuQd_pN0s9JARZbJVs2dE_puydD72izwgy69LGTtEYgqmkyDSo29kuQmHdWedZu8LwPstqgl00BP2-wPwO0jTVVRDcewKpEfmnZ3QwqWl_966e-mThTtAoS87vbUW0jRcz5WE9juN4bzq4o52vaymSOgCZQYp6EFs9kMtORPvVhT1pjbV1XItJ_xTVIjK1C8CLzDzxluQnu_Yrv8pH5gUoGYp9cwELUTKvalgRVPY4ACYd8YgYqjiXcKiqAMYaRiCBfvwlahYUbUaOCP68wNWxyDjymshaQzvmIiIcpGRF5VA-vSnZ52viaIgb4YmnDCpfDP8hEHB6-kICDLq5RFIBQ8EfU3d7oEAICQkiEZRsq2wxOR_NWMDwOjO4gn78cU8BuTKvo1n7xA3GZUcd6thuC5vx0RzhhPN4aI3HACmV1Mb9SwSEvu4NPTsNxnYIW9MnLuXUpsU-_TD2_nAkYntevII7coTUYE5X6CeXnJCznPVbVdprwaI8SvzXzPt6IiF0uZIFM4jYZub-pF_1nZZ_1tc570pZN4iCcZOCQ&sai=AMfl-YTbkJhQ3s8107Sln2obDj6avmrKfqcuQozRjqop-kgaCLNI39of3WJklziOV_0lfBSW8HRlP2UuvhRSeSP_tRDtSNAmzwV6l8pSzsXfBG8Sgh-hC4pbfBqL2w5PiwAQtOhpkxhjUXk27vTl1gIe6iQkTTmvbljdO25Bq8XJvHT9LYC_LM0vTl_lF55Kq-bzCkUCepfcgtTjzU8sFvXwQfSWqekM9_o9SQ&sig=Cg0ArKJSzHTywQw7f2ktEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=327&cbvp=1&cstd=315&cisv=r20220427.92642&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 02 May 2022 04:24:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
B27526954.333346080;dc_trk_aid=525538477;dc_trk_cid=169268498;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dc_exteid=ABAjH0hT5kiykVZoLaQPwhYg1HlW;dc_pubid=5;dc_dbm_token...
ad.doubleclick.net/ddm/trackimp/N572403.279382DBMTRADELAB1205398/ Frame D9E7 		42 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N572403.279382DBMTRADELAB1205398/B27526954.333346080;dc_trk_aid=525538477;dc_trk_cid=169268498;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dc_exteid=ABAjH0hT5kiykVZoLaQPwhYg1HlW;dc_pubid=5;dc_dbm_token=AD1EzRQAAACyCqkBCgwIABUAAAAAHQAAAAASDAgAFQAAAAAdAAAAACISCNmuysM-qAKhpIcCsALF354NQAHSAioYASITCLvjlaH8v_cCFVrzdwodIvEMiCgBMAE44ruW2eoPQAJIAViZgSCqAztDQUFTS09Sb05MZjhFR1phU1pTYU1ETlpqUGwtRzNXNERxeFZzRG1BRXBTMmR2TTM4LXExMjFtU0d5SbIDCQiI4YAQEAEYHRCKuZnHAcMIPaB119WI-GvFNDS8Bck?
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/17405966027270914048/ Frame 3073 		3 KB
618 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=dHup4iPFus&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40a6fde90e5fa4d7aac669a50ca1efd481e15e6672586fb51f636fbcccf26a04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
590
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 04:24:22 GMT
expires
Tue, 02 May 2023 04:24:22 GMT
last-modified
Fri, 01 Apr 2022 15:18:12 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame AE50 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstKxDtmcUKj1A4TFSCCiwfQOzZ7ApdohyG6vmjAIz36wORUgwkJO8TSFv20KmKXAxGBJus9Sd9_UkRjCvzilMgKpHMR22QQgzEzbzZmHk0CVq0NuR-RqzAu9VrIGUyp_ShZ-lgDjL4VABHRYQs9oyTqbuQEWZWTvzxH2TKYeiKCe9iBTSXErTndU4Lgmel2NyKYuQ9oYXLL6pRzbss9UUVCzpyfT30xk0uXxi2G_iDLtz1JVb9H6j0i0szTxb6Q134MjspKYnQu-VYxt_wMAwQXKAaUmHmHTB-_BSlG_jxgjJbVlOJNxiD51xjhaajPzLM-jBvTq123I7uL6-_H_mh5G0iACi-jGhI3YiSVvRBgt12rbu-gv9Xp7a4t7R5Eivj7iqj9ec7ZrU_QmFW-5GuFmUwhGV6LlKoLQKdWaFnrOQ3ihzT1vIQG4LubOYDuUCxeJO0uai03bJ7Si1rOryncbBUXwWfZ8pOn3cpaWsBQqAlONOjL6WOjz7Sb3_rZcQw8YbdFhi5V9ciw71HgfdqoXhHEu2G6UZo9zNFzywAajv_HG_M7smuWeGa-niv-IIfrReboOZFCT6TsJ6tAKIFosBhfnxDYFPjTq9MZpizw8UNgR7X8fymaGT9JGhFiOOmUX2XTazDDtWZmYGh4PMod7jr3qe-Sp9p_J4ca5TmwY2w3kPI0NeG_vjn2HZUKZWm-fAn7RJ8KeMid0q4G1lObLx-y7RrYAZf3L-Sop949-fYXNm07FczozXpCyl0dwqDbZ9aHM2uspXgNht3_F_v1HwaWDlz6CIO_oMULDTSJP1F7kvqxGZTAjAKmoMU2_UgXEWDWPiM6wPYS41csFjqSmkzpzd6I2HSZWjAypJcaVbi4-QAuWNzs9YjvMzqn_7PdnKKNNPC-SCj12KB-JVXZ9npnqhdFVApVsgloqzW0h9LZjeVDmAegSltPN7vbzCEIMBDOVJTU8oWqtBIJHny6VwT2ybaZPc83QppjlUxG6JnleMbsPYcP65uenPMT9fabbweHaAi_wscl1ICIbdeR0aWgC5t_tAKi9jNNi-nIhJp5BD__UxkGkBVuQmjB16hjIFlrDKnU_UXEg88gK25p1CmNzo_lOgJ7QM0MFgjRWMGd1ZbL2RIOH9dq8wxVl8o_9nm_bSTZE9Qe7OUbpnQoOW9vgHE_kHWsA4i03e9al7rZVKuK&sai=AMfl-YRRi_oLs8Nb8O13vU6mhsEd4LCVvU-0DAi44Op7ijnB_OKDy3GVXd1HOmMURlIz69ucqX_02MvXnQnbX4QUFqv7vdtlAYUi26CRf6yfGtFOvDe--0eklFB1LsfEf_5WzIZ6ALygDk0pHAEWS1yLI5QPe7AxmjvB_Q_8wUnsfWSDgmjZGymC5uwQfz5fPDiWWfnF0wkL8Bm9PfKC8ko3ApzAFlBGeJ8&sig=Cg0ArKJSzOrOXHbYaawLEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=334&cbvp=1&cstd=328&cisv=r20220427.06283&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 02 May 2022 04:24:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/sadbundle/3875675003022213120/ Frame 4BA5 		4 KB
850 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3875675003022213120/index.html?e=69&leftOffset=0&topOffset=0&c=McmFizFeY9&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c958e138d98ce05b52fb81d8db9fa139eb77d82d1702ab6e42c3fb4314030993
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
822
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 04:24:22 GMT
expires
Tue, 02 May 2023 04:24:22 GMT
last-modified
Fri, 01 Apr 2022 15:18:24 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 6655 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuftUAT2PBZvTisEFPrOl2u28ne034wjeuVL4_mgmIZE4mPG267InZuH7wwdL5IwtT0g_ucj2a2yOt4N_sXH8M6aWDEW3_MjaqZ42BrnyKxVeBP8ZcHfVZZw8sqkK_Xn8z90eCmS5rh3cl81fURF74nXDvyUW_3zyiHY7frsEtsR4im4QmAUrAx_suzbry8Tz1DF0LfYGNA9bf22zY2LQzti5BamrnSOhpq9_JrWNEBFpIaaikOZFNmh31ppvzPIWteq4C2qOJaqZ2cVxlO-J4wVmb3vXGKU_Q0zfXzJsgU4PCCG-BI-RHcO7KnbbiYO564OGNv4Ma5t7yq9UT5t6wa8ZusibewPABzju8Ju1vJF4488g-JgoNXcaZ6Kcdlr7HwqrCUNffU7NEgfXRTVUqXW9JI3SZAfAWBBnx5UXMJepoYZzbShsGJEXmvaVJw_HIv5eRIpWyt6Ze7GGnlVhWNcqRcTacmyscvtItURsdtcc-8_EdhW_9vyJ5Rkh4qZEG6ZIvqNf1Fk6HCJMS67ARP0ik7lm1807hgbD39GeCpGIw6_Ctm8gYHigpU-qLXXDIZyTkcvtZQ3UH6fAgvPP3p-o2wTg98zNNoF_znY0ubBwyL4VvnDxEOIx9bvWmHFktOPKnqGrLWZcsIazFJ9vX0KY3dNMccqEyzUGPvaz_DHaJQqHUP6fsqg4KDLoPJNP6USg1d78lgXOeBhkb72udTj8VL3BW6qCLPBTfTpewuMdu5nlSOvKImdxyASXCiHvIJb7AppiB_k5OHoYXxkWiwE5I6VWgGzQyPrcgDHb6ZiJfEeZQR0lcjFEvbu1jNKo-XfJJFoAhuo3kDbkx7DrxkXK29JaQkL-QolF7Ax68u5Giq9UneNmSzQevSJbhTE4TmY9qpTeDEontgcI8wAYbgc5GrDOMxotfIyUKg2VAENCEfhmpEHLo4rxEnWsttnEvlGb-1hf_oGCpNLBcYi8nSLAyxrFa8ff5hWd7SNXTO-aqk6YOUggov71gW4M1o9UVdNX-AM6M3JhwtrIOu_qibZe-ux2U5TjiO_JVxL_dp9CIohULIPmF_fYlKbORWyEKY3GcxrPma4EogwubAGCzGAmuxQ1MpSVvLs9Gg0LvqkutsaBtEsFiBhK9gS-bE4JfRxz8-GKzPC_H8aDnRH_ZLSw0XV_9njyJrQBBdNV0tB6aZGiFw2kZJJley&sai=AMfl-YSaOWDFsLeyX3dAOcBEpWHOuEwdJQaZGf5tpN0_tAH4Bm-JGLJOyFOt-l3vf8yYTA6aTaJSw4wt8vqj-yT9B5c9Qdf6eeLGi8T7hoyfSqwhixgAuwjcz0-c440mjD8KD9bdKJfqOky3iwaP5pD79i9RSvCsIuP8oHHn_St4JREjlPtPTVxa66rafHyyoyOiuM4MdAAyhoExUwtb0c0SFBCSv2unv6M&sig=Cg0ArKJSzLBEeMmGjZ-UEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=319&cbvp=1&cstd=313&cisv=r20220427.83501&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 02 May 2022 04:24:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame AE50 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 16:41:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
474196
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 16:41:06 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 040F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
339592
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 06:04:30 GMT
expires
Fri, 28 Apr 2023 06:04:30 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
visit.js
tps.doubleverify.com/ Frame 4AAE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=296&ttfrms=48&brid=3&brver=101.0.4951.41&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D7%40I%60b%3F%40H%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D7%40I%60b%3F%40H%5D4%40%3ETar9EEADTbpTauTau2g4gea52c_ccg64f4ae%60%60ef%60645hgb65%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=416&ddur=95&uid=1651465462061572&jsCallback=dvCallback_1651465462061613&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.41%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=970&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2678&tgjsver=2678&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fa8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=14&brh=2&sdf=2&dvp_epl=235&noc=4&ctx=22203524&cmp=27526954&sid=5311370&plc=333346080&adsrv=1&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=477357220474.5613&dvp_tukv=43812255279.97261&dvp_uuid=7758976816.098189&dvp_strhd=0.70001220703125&dvpx_strhd=0.70001220703125&dvp_tuid=857080955468
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2678.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
745fb1b07588682e3b5501bc0539dc4e851ca6378bfb982f7959b6ad60bcb4ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:22 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Expires
05/01/2022 04:24:22
truncated
/ Frame AE50 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f98ff6e868322d921598d85ca463a8e321c35c55f9177d17ddea0982976c41f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
gsap_3.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame DD5F 		54 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6115741928127463424/DE/index.html?e=69&leftOffset=0&topOffset=0&c=DmDh6tSodU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8154aa9057e3367d9d3e4bb1f85db9645c01fc0690091aadc57dbae849ba3499
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/index.html?e=69&leftOffset=0&topOffset=0&c=DmDh6tSodU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22005
x-xss-protection
0
last-modified
Mon, 11 Nov 2019 18:08:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 May 2022 04:24:22 GMT
Enabler_01_248.js
s0.2mdn.net/879366/ Frame DD5F 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_248.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6115741928127463424/DE/index.html?e=69&leftOffset=0&topOffset=0&c=DmDh6tSodU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/index.html?e=69&leftOffset=0&topOffset=0&c=DmDh6tSodU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 06:44:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77974
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41094
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:45:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 May 2022 06:44:48 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6655 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
URL: https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 16:41:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
474196
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 16:41:06 GMT
style.css
s0.2mdn.net/sadbundle/17405966027270914048/ Frame 3073 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17405966027270914048/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=dHup4iPFus&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
595374b4287ac35757c51ffb0e544392397afbc8f4eecc7f6f97a6bcb3b6c18d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=dHup4iPFus&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 15:24:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
565210
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1296
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 15:18:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Apr 2023 15:24:12 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 3073 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=dHup4iPFus&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=dHup4iPFus&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 18:54:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34173
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 May 2022 18:54:49 GMT
pa.js
s0.2mdn.net/sadbundle/17405966027270914048/ Frame 3073 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17405966027270914048/pa.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=dHup4iPFus&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b88a304d6162d0e7bc1ea1c3b8c9e9f6b6751002a6d58b6a7bb2c4dd383dea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=dHup4iPFus&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 15:24:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
565210
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1443
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 15:18:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Apr 2023 15:24:12 GMT
logic.js
s0.2mdn.net/sadbundle/17405966027270914048/ Frame 3073 		19 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17405966027270914048/logic.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=dHup4iPFus&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10cb35a5786ba742e0e5e91c22f42ae9cafa7acdfcab479053cfa8ed8b39adf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=dHup4iPFus&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 15:24:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
565210
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3353
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 15:18:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Apr 2023 15:24:12 GMT
truncated
/ Frame 6655 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a36a4a338cfca22743c0df9c563d7636176a0f16acaa49e13e930f7d0a8948ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
style.css
s0.2mdn.net/sadbundle/3875675003022213120/ Frame 4BA5 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3875675003022213120/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3875675003022213120/index.html?e=69&leftOffset=0&topOffset=0&c=McmFizFeY9&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25d0c59546c0281367022c7c6c7dfd3bf1eabad3cdb1e08cd75f634e6ad935ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3875675003022213120/index.html?e=69&leftOffset=0&topOffset=0&c=McmFizFeY9&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 15:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
565118
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1254
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 15:18:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Apr 2023 15:25:44 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 4BA5 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3875675003022213120/index.html?e=69&leftOffset=0&topOffset=0&c=McmFizFeY9&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3875675003022213120/index.html?e=69&leftOffset=0&topOffset=0&c=McmFizFeY9&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 18:54:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34173
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 May 2022 18:54:49 GMT
pa.js
s0.2mdn.net/sadbundle/3875675003022213120/ Frame 4BA5 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3875675003022213120/pa.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3875675003022213120/index.html?e=69&leftOffset=0&topOffset=0&c=McmFizFeY9&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b88a304d6162d0e7bc1ea1c3b8c9e9f6b6751002a6d58b6a7bb2c4dd383dea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3875675003022213120/index.html?e=69&leftOffset=0&topOffset=0&c=McmFizFeY9&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 15:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
565118
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1443
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 15:18:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Apr 2023 15:25:44 GMT
logic.js
s0.2mdn.net/sadbundle/3875675003022213120/ Frame 4BA5 		19 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3875675003022213120/logic.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3875675003022213120/index.html?e=69&leftOffset=0&topOffset=0&c=McmFizFeY9&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6aaa39f85432536526872be4100326cba1b18d6f91a52374992e1abd1f8b630
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3875675003022213120/index.html?e=69&leftOffset=0&topOffset=0&c=McmFizFeY9&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 15:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
565118
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3333
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 15:18:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Apr 2023 15:25:44 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame EAEB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
339592
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 06:04:30 GMT
expires
Fri, 28 Apr 2023 06:04:30 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7BEA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
339592
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 06:04:30 GMT
expires
Fri, 28 Apr 2023 06:04:30 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D9E7 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvEDfhLX8CS0H_4IE5wL2uLmZUjz8aMPPdqbSiQpwW2qpk87WzH9zyBcF2ru5Bbr66KXnp_EysqzFLTq5qMGTPP63SiCa_qUjI4mC-_D-XxHo1LJdEw41WLiqbsPgmvP0j5shscL9x4aTjVwJNPNcdJ1drFWHdDkhrycrAaY59FjBwXMjLkflrwq-eYccKd5xhdijziU4y82Trb4aB9fRMNejKVDMQFzA1SLGO8sHzLQ1OBINN4WYfNtrDp9b8K_v51TO9V_h4bn9ybzBDmqZs1VtJ-GAuZ25RS2ToXYLAJgb3gG08n_oI7IaehqmAzi7AUGIfxbH8xN9cCzNKtjY0Zo7fZQ1yhGMvw-4X0RDHEYpF-nv3v6_SACgEGC0xvY1VdhEmc-ZjvnAW3RUJ1_Gm6fGJisIFtKQzwLY6427Fczm0m7XmFrf22K-Ep_RdDPVplWXWJK-cYIlZvqboY4wwtoOZ_jcugfozRZmlQ2CdWkPiCVH4-kuO_fnS0r4FcZtkOI4OT-Vc_42SC1bEQmCL9PlQhtnzy9c9x81UTjloJgtnv3jPIODsKIdX6_aXeWV81CPvG94kQC6Xipy1DBxwmCNg4FFmwvcAC7w0ygL6QNL9WBodzc0mHTGzuucq6W3Sxls7dbdE05LxiRutv4B4OuQd_pN0s9JARZbJVs2dE_puydD72izwgy69LGTtEYgqmkyDSo29kuQmHdWedZu8LwPstqgl00BP2-wPwO0jTVVRDcewKpEfmnZ3QwqWl_966e-mThTtAoS87vbUW0jRcz5WE9juN4bzq4o52vaymSOgCZQYp6EFs9kMtORPvVhT1pjbV1XItJ_xTVIjK1C8CLzDzxluQnu_Yrv8pH5gUoGYp9cwELUTKvalgRVPY4ACYd8YgYqjiXcKiqAMYaRiCBfvwlahYUbUaOCP68wNWxyDjymshaQzvmIiIcpGRF5VA-vSnZ52viaIgb4YmnDCpfDP8hEHB6-kICDLq5RFIBQ8EfU3d7oEAICQkiEZRsq2wxOR_NWMDwOjO4gn78cU8BuTKvo1n7xA3GZUcd6thuC5vx0RzhhPN4aI3HACmV1Mb9SwSEvu4NPTsNxnYIW9MnLuXUpsU-_TD2_nAkYntevII7coTUYE5X6CeXnJCznPVbVdprwaI8SvzXzPt6IiF0uZIFM4jYZub-pF_1nZZ_1tc570pZN4iCcZOCQ&sai=AMfl-YTbkJhQ3s8107Sln2obDj6avmrKfqcuQozRjqop-kgaCLNI39of3WJklziOV_0lfBSW8HRlP2UuvhRSeSP_tRDtSNAmzwV6l8pSzsXfBG8Sgh-hC4pbfBqL2w5PiwAQtOhpkxhjUXk27vTl1gIe6iQkTTmvbljdO25Bq8XJvHT9LYC_LM0vTl_lF55Kq-bzCkUCepfcgtTjzU8sFvXwQfSWqekM9_o9SQ&sig=Cg0ArKJSzHTywQw7f2ktEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=758&vt=11&dtpt=431&dett=3&cstd=315&cisv=r20220427.92642&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 04:24:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js
pagead2.googlesyndication.com/bg/ Frame 040F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f8d3f6f0573956f2ca42258225c517dace4ab3fe76997fc8cd0b940bbd982a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 23:24:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
18022
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13610
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 01 May 2023 23:24:01 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame AE50 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstKxDtmcUKj1A4TFSCCiwfQOzZ7ApdohyG6vmjAIz36wORUgwkJO8TSFv20KmKXAxGBJus9Sd9_UkRjCvzilMgKpHMR22QQgzEzbzZmHk0CVq0NuR-RqzAu9VrIGUyp_ShZ-lgDjL4VABHRYQs9oyTqbuQEWZWTvzxH2TKYeiKCe9iBTSXErTndU4Lgmel2NyKYuQ9oYXLL6pRzbss9UUVCzpyfT30xk0uXxi2G_iDLtz1JVb9H6j0i0szTxb6Q134MjspKYnQu-VYxt_wMAwQXKAaUmHmHTB-_BSlG_jxgjJbVlOJNxiD51xjhaajPzLM-jBvTq123I7uL6-_H_mh5G0iACi-jGhI3YiSVvRBgt12rbu-gv9Xp7a4t7R5Eivj7iqj9ec7ZrU_QmFW-5GuFmUwhGV6LlKoLQKdWaFnrOQ3ihzT1vIQG4LubOYDuUCxeJO0uai03bJ7Si1rOryncbBUXwWfZ8pOn3cpaWsBQqAlONOjL6WOjz7Sb3_rZcQw8YbdFhi5V9ciw71HgfdqoXhHEu2G6UZo9zNFzywAajv_HG_M7smuWeGa-niv-IIfrReboOZFCT6TsJ6tAKIFosBhfnxDYFPjTq9MZpizw8UNgR7X8fymaGT9JGhFiOOmUX2XTazDDtWZmYGh4PMod7jr3qe-Sp9p_J4ca5TmwY2w3kPI0NeG_vjn2HZUKZWm-fAn7RJ8KeMid0q4G1lObLx-y7RrYAZf3L-Sop949-fYXNm07FczozXpCyl0dwqDbZ9aHM2uspXgNht3_F_v1HwaWDlz6CIO_oMULDTSJP1F7kvqxGZTAjAKmoMU2_UgXEWDWPiM6wPYS41csFjqSmkzpzd6I2HSZWjAypJcaVbi4-QAuWNzs9YjvMzqn_7PdnKKNNPC-SCj12KB-JVXZ9npnqhdFVApVsgloqzW0h9LZjeVDmAegSltPN7vbzCEIMBDOVJTU8oWqtBIJHny6VwT2ybaZPc83QppjlUxG6JnleMbsPYcP65uenPMT9fabbweHaAi_wscl1ICIbdeR0aWgC5t_tAKi9jNNi-nIhJp5BD__UxkGkBVuQmjB16hjIFlrDKnU_UXEg88gK25p1CmNzo_lOgJ7QM0MFgjRWMGd1ZbL2RIOH9dq8wxVl8o_9nm_bSTZE9Qe7OUbpnQoOW9vgHE_kHWsA4i03e9al7rZVKuK&sai=AMfl-YRRi_oLs8Nb8O13vU6mhsEd4LCVvU-0DAi44Op7ijnB_OKDy3GVXd1HOmMURlIz69ucqX_02MvXnQnbX4QUFqv7vdtlAYUi26CRf6yfGtFOvDe--0eklFB1LsfEf_5WzIZ6ALygDk0pHAEWS1yLI5QPe7AxmjvB_Q_8wUnsfWSDgmjZGymC5uwQfz5fPDiWWfnF0wkL8Bm9PfKC8ko3ApzAFlBGeJ8&sig=Cg0ArKJSzOrOXHbYaawLEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=722&vt=11&dtpt=388&dett=3&cstd=328&cisv=r20220427.06283&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 04:24:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 6655 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuftUAT2PBZvTisEFPrOl2u28ne034wjeuVL4_mgmIZE4mPG267InZuH7wwdL5IwtT0g_ucj2a2yOt4N_sXH8M6aWDEW3_MjaqZ42BrnyKxVeBP8ZcHfVZZw8sqkK_Xn8z90eCmS5rh3cl81fURF74nXDvyUW_3zyiHY7frsEtsR4im4QmAUrAx_suzbry8Tz1DF0LfYGNA9bf22zY2LQzti5BamrnSOhpq9_JrWNEBFpIaaikOZFNmh31ppvzPIWteq4C2qOJaqZ2cVxlO-J4wVmb3vXGKU_Q0zfXzJsgU4PCCG-BI-RHcO7KnbbiYO564OGNv4Ma5t7yq9UT5t6wa8ZusibewPABzju8Ju1vJF4488g-JgoNXcaZ6Kcdlr7HwqrCUNffU7NEgfXRTVUqXW9JI3SZAfAWBBnx5UXMJepoYZzbShsGJEXmvaVJw_HIv5eRIpWyt6Ze7GGnlVhWNcqRcTacmyscvtItURsdtcc-8_EdhW_9vyJ5Rkh4qZEG6ZIvqNf1Fk6HCJMS67ARP0ik7lm1807hgbD39GeCpGIw6_Ctm8gYHigpU-qLXXDIZyTkcvtZQ3UH6fAgvPP3p-o2wTg98zNNoF_znY0ubBwyL4VvnDxEOIx9bvWmHFktOPKnqGrLWZcsIazFJ9vX0KY3dNMccqEyzUGPvaz_DHaJQqHUP6fsqg4KDLoPJNP6USg1d78lgXOeBhkb72udTj8VL3BW6qCLPBTfTpewuMdu5nlSOvKImdxyASXCiHvIJb7AppiB_k5OHoYXxkWiwE5I6VWgGzQyPrcgDHb6ZiJfEeZQR0lcjFEvbu1jNKo-XfJJFoAhuo3kDbkx7DrxkXK29JaQkL-QolF7Ax68u5Giq9UneNmSzQevSJbhTE4TmY9qpTeDEontgcI8wAYbgc5GrDOMxotfIyUKg2VAENCEfhmpEHLo4rxEnWsttnEvlGb-1hf_oGCpNLBcYi8nSLAyxrFa8ff5hWd7SNXTO-aqk6YOUggov71gW4M1o9UVdNX-AM6M3JhwtrIOu_qibZe-ux2U5TjiO_JVxL_dp9CIohULIPmF_fYlKbORWyEKY3GcxrPma4EogwubAGCzGAmuxQ1MpSVvLs9Gg0LvqkutsaBtEsFiBhK9gS-bE4JfRxz8-GKzPC_H8aDnRH_ZLSw0XV_9njyJrQBBdNV0tB6aZGiFw2kZJJley&sai=AMfl-YSaOWDFsLeyX3dAOcBEpWHOuEwdJQaZGf5tpN0_tAH4Bm-JGLJOyFOt-l3vf8yYTA6aTaJSw4wt8vqj-yT9B5c9Qdf6eeLGi8T7hoyfSqwhixgAuwjcz0-c440mjD8KD9bdKJfqOky3iwaP5pD79i9RSvCsIuP8oHHn_St4JREjlPtPTVxa66rafHyyoyOiuM4MdAAyhoExUwtb0c0SFBCSv2unv6M&sig=Cg0ArKJSzLBEeMmGjZ-UEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=708&vt=11&dtpt=389&dett=3&cstd=313&cisv=r20220427.83501&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 04:24:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3073 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae76f7c904609050f586b35df791282f793f9c78684dabda17ebbe959f220fa2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 04:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5606
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022042601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be4deb2c83d3ff2724dc61220eab6ef1dd66f40f862bbbbd5529c0b20f884f9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 04:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10591
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4BA5 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
186107a77994bfc7f110a690564751f65d1fa1557832dcf0c06ea39deae84ba6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 04:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5650
x-xss-protection
0
L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js
pagead2.googlesyndication.com/bg/ Frame EAEB 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f8d3f6f0573956f2ca42258225c517dace4ab3fe76997fc8cd0b940bbd982a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 23:24:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
18022
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13610
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 01 May 2023 23:24:01 GMT
OpenSans-SemiBold.woff
s0.2mdn.net/sadbundle/17405966027270914048/ Frame 3073 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17405966027270914048/OpenSans-SemiBold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da697e4a5654c750168d62ba00fded8a38fd33ac179d8223fbfba9b35175eff1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17405966027270914048/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 15:24:12 GMT
x-content-type-options
nosniff
age
565211
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69884
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 15:18:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Apr 2023 15:24:12 GMT
OpenSans-Regular.woff
s0.2mdn.net/sadbundle/17405966027270914048/ Frame 3073 		66 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17405966027270914048/OpenSans-Regular.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb3e750c6fab3976f69f16b4f398de3d44e8fb7d596235c25a28df5ddacf48f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17405966027270914048/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 15:24:12 GMT
x-content-type-options
nosniff
age
565211
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67540
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 15:18:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Apr 2023 15:24:12 GMT
OpenSans-Light.woff
s0.2mdn.net/sadbundle/17405966027270914048/ Frame 3073 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17405966027270914048/OpenSans-Light.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc606be4585fb0adfc94553e94388529c8e1edccc0524f76472c11704bb1f7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17405966027270914048/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 15:24:12 GMT
x-content-type-options
nosniff
age
565211
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69384
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 15:18:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Apr 2023 15:24:12 GMT
35747479_20211020090433101_Forex_logo.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame 3073 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090433101_Forex_logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89b32d2c190d8bd0b1660601ca99800e162e6583dfd5dd2705ff0f718cdef485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=dHup4iPFus&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 13:00:15 GMT
x-content-type-options
nosniff
age
55448
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3374
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 16:04:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 May 2022 13:00:15 GMT
35747479_20220407041836625_FXUK-Tech_1.jpg
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame 3073 		414 KB
414 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20220407041836625_FXUK-Tech_1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a5bfea6ade5e6b317daa2f8e69a47a111ca31222a8736bd9b0b3dad5e90316d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=dHup4iPFus&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 11:15:37 GMT
x-content-type-options
nosniff
age
61726
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
423895
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 11:18:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 May 2022 11:15:37 GMT
35747479_20211020090550552_1x1-00000000.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame 3073 		68 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090550552_1x1-00000000.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=dHup4iPFus&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 13:00:19 GMT
x-content-type-options
nosniff
age
55444
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 16:05:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 May 2022 13:00:19 GMT
L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js
pagead2.googlesyndication.com/bg/ Frame 7BEA 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f8d3f6f0573956f2ca42258225c517dace4ab3fe76997fc8cd0b940bbd982a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 23:24:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
18022
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13610
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 01 May 2023 23:24:01 GMT
35747479_20211020090433101_Forex_logo.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame 4BA5 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090433101_Forex_logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3875675003022213120/logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89b32d2c190d8bd0b1660601ca99800e162e6583dfd5dd2705ff0f718cdef485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3875675003022213120/index.html?e=69&leftOffset=0&topOffset=0&c=McmFizFeY9&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 13:00:15 GMT
x-content-type-options
nosniff
age
55448
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3374
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 16:04:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 May 2022 13:00:15 GMT
35747479_20220407041836625_FXUK-Tech_1.jpg
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame 4BA5 		414 KB
414 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20220407041836625_FXUK-Tech_1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3875675003022213120/logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a5bfea6ade5e6b317daa2f8e69a47a111ca31222a8736bd9b0b3dad5e90316d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3875675003022213120/index.html?e=69&leftOffset=0&topOffset=0&c=McmFizFeY9&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 11:15:37 GMT
x-content-type-options
nosniff
age
61726
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
423895
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 11:18:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 May 2022 11:15:37 GMT
35747479_20211020090550552_1x1-00000000.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame 4BA5 		68 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090550552_1x1-00000000.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3875675003022213120/logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3875675003022213120/index.html?e=69&leftOffset=0&topOffset=0&c=McmFizFeY9&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 13:00:19 GMT
x-content-type-options
nosniff
age
55444
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 16:05:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 May 2022 13:00:19 GMT
OpenSans-SemiBold.woff
s0.2mdn.net/sadbundle/3875675003022213120/ Frame 4BA5 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3875675003022213120/OpenSans-SemiBold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3875675003022213120/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da697e4a5654c750168d62ba00fded8a38fd33ac179d8223fbfba9b35175eff1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/3875675003022213120/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 15:25:35 GMT
x-content-type-options
nosniff
age
565128
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69884
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 15:18:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Apr 2023 15:25:35 GMT
OpenSans-Regular.woff
s0.2mdn.net/sadbundle/3875675003022213120/ Frame 4BA5 		66 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3875675003022213120/OpenSans-Regular.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3875675003022213120/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb3e750c6fab3976f69f16b4f398de3d44e8fb7d596235c25a28df5ddacf48f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/3875675003022213120/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 15:25:35 GMT
x-content-type-options
nosniff
age
565128
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67540
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 15:18:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Apr 2023 15:25:35 GMT
OpenSans-Light.woff
s0.2mdn.net/sadbundle/3875675003022213120/ Frame 4BA5 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3875675003022213120/OpenSans-Light.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3875675003022213120/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc606be4585fb0adfc94553e94388529c8e1edccc0524f76472c11704bb1f7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/3875675003022213120/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 15:25:35 GMT
x-content-type-options
nosniff
age
565128
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69384
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 15:18:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Apr 2023 15:25:35 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3073 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 02 May 2022 04:24:23 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 02 May 2022 04:24:23 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4BA5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 02 May 2022 04:24:23 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame DD5F 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
719f6aa7d7f905477e49f6a29ee23b1b8b5eda6c06866954fd6e3325093401d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 04:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5549
x-xss-protection
0
timeline-colour.png
s0.2mdn.net/sadbundle/6115741928127463424/DE/ Frame DD5F 		95 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/timeline-colour.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/index.html?e=69&leftOffset=0&topOffset=0&c=DmDh6tSodU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:47:38 GMT
x-content-type-options
nosniff
age
477405
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 09:50:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Apr 2023 15:47:38 GMT
inline-video-970x250_logo.png
s0.2mdn.net/sadbundle/6115741928127463424/DE/ Frame DD5F 		95 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/inline-video-970x250_logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/index.html?e=69&leftOffset=0&topOffset=0&c=DmDh6tSodU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:47:38 GMT
x-content-type-options
nosniff
age
477405
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 09:50:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Apr 2023 15:47:38 GMT
inline-video-970x250_cta.png
s0.2mdn.net/sadbundle/6115741928127463424/DE/ Frame DD5F 		95 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/inline-video-970x250_cta.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/index.html?e=69&leftOffset=0&topOffset=0&c=DmDh6tSodU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:47:38 GMT
x-content-type-options
nosniff
age
477405
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 09:50:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Apr 2023 15:47:38 GMT
inline-video-970x250_endframe.png
s0.2mdn.net/sadbundle/6115741928127463424/DE/ Frame DD5F 		95 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/inline-video-970x250_endframe.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/index.html?e=69&leftOffset=0&topOffset=0&c=DmDh6tSodU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:47:38 GMT
x-content-type-options
nosniff
age
477405
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 09:50:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Apr 2023 15:47:38 GMT
mute.png
s0.2mdn.net/sadbundle/6115741928127463424/DE/ Frame DD5F 		95 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/mute.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/index.html?e=69&leftOffset=0&topOffset=0&c=DmDh6tSodU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:47:38 GMT
x-content-type-options
nosniff
age
477405
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 09:50:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Apr 2023 15:47:38 GMT
unmute.png
s0.2mdn.net/sadbundle/6115741928127463424/DE/ Frame DD5F 		95 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/unmute.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/index.html?e=69&leftOffset=0&topOffset=0&c=DmDh6tSodU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:47:38 GMT
x-content-type-options
nosniff
age
477405
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 09:50:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Apr 2023 15:47:38 GMT
replay.png
s0.2mdn.net/sadbundle/6115741928127463424/DE/ Frame DD5F 		95 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/replay.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/index.html?e=69&leftOffset=0&topOffset=0&c=DmDh6tSodU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:47:38 GMT
x-content-type-options
nosniff
age
477405
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 09:50:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Apr 2023 15:47:38 GMT
play.png
s0.2mdn.net/sadbundle/6115741928127463424/DE/ Frame DD5F 		95 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/play.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/index.html?e=69&leftOffset=0&topOffset=0&c=DmDh6tSodU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:47:38 GMT
x-content-type-options
nosniff
age
477405
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 09:50:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Apr 2023 15:47:38 GMT
pause.png
s0.2mdn.net/sadbundle/6115741928127463424/DE/ Frame DD5F 		95 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/pause.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/index.html?e=69&leftOffset=0&topOffset=0&c=DmDh6tSodU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:47:38 GMT
x-content-type-options
nosniff
age
477405
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 09:50:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Apr 2023 15:47:38 GMT
inline-video-970x250_static.png
s0.2mdn.net/sadbundle/6115741928127463424/DE/ Frame DD5F 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/inline-video-970x250_static.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa05e94fa7d06887bc2b98ab3748ea7db3825de7e41a437613f43a89158d9c0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/index.html?e=69&leftOffset=0&topOffset=0&c=DmDh6tSodU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:47:38 GMT
x-content-type-options
nosniff
age
477405
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32505
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 09:50:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Apr 2023 15:47:38 GMT
inline-video-970x250_loading.png
s0.2mdn.net/sadbundle/6115741928127463424/DE/ Frame DD5F 		95 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/inline-video-970x250_loading.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/index.html?e=69&leftOffset=0&topOffset=0&c=DmDh6tSodU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:47:38 GMT
x-content-type-options
nosniff
age
477405
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 09:50:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Apr 2023 15:47:38 GMT
file.mp4
r4---sn-4g5ednsr.c.2mdn.net/videoplayback/id/487a3284e53e151a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3793254689/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame DD5F
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/487a3284e53e151a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3793254689/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
  • https://r4---sn-4g5ednsr.c.2mdn.net/videoplayback/id/487a3284e53e151a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3793254689/sparams/acao,ctier,expire,id,ip,ipbits,itag...
2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5ednsr.c.2mdn.net/videoplayback/id/487a3284e53e151a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3793254689/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5505D644686C010EDD18812C17DC1423CFC47BA4.1631E51A1979322032BD04E3E98F17D3C559DF37/key/cms1/cms_redirect/yes/mh/SF/mip/2a00:c98:2030:a004:1::9/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1651463861/mv/u/mvi/4/pl/59/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:401e:28::9 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
3fe84e7a5f9b5272d06042ebb7cb8cec692bcdb1c822632ac89f557dc1f2bde8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 04:24:23 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 01 Apr 2022 09:50:17 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-1609380/1609381
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1609381
Expires
Mon, 02 May 2022 04:24:23 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:23 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r4---sn-4g5ednsr.c.2mdn.net/videoplayback/id/487a3284e53e151a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3793254689/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5505D644686C010EDD18812C17DC1423CFC47BA4.1631E51A1979322032BD04E3E98F17D3C559DF37/key/cms1/cms_redirect/yes/mh/SF/mip/2a00:c98:2030:a004:1::9/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1651463861/mv/u/mvi/4/pl/59/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
652
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DD5F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 02 May 2022 04:24:23 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5E9C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
18022
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 01 May 2022 23:24:01 GMT
expires
Mon, 01 May 2023 23:24:01 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 57A7 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a30e461353fcbf4358bb4d8e94a183209c286d8c93747e7b32018c7e8fc02c0f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xKcC7NWeHO0V9sRF/0Dwgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-xKcC7NWeHO0V9sRF/0Dwgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 04:24:23 GMT
expires
Mon, 02 May 2022 04:24:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js
pagead2.googlesyndication.com/bg/ Frame 3607 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f8d3f6f0573956f2ca42258225c517dace4ab3fe76997fc8cd0b940bbd982a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 23:24:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
18022
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13610
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 01 May 2023 23:24:01 GMT
truncated
/ Frame DD5F 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/gif
prod_studio_01_248_videomodule.js
s0.2mdn.net/879366/ Frame DD5F 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/prod_studio_01_248_videomodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ff18e021c3d1a587eb9a6eab9d7299931b572849e07bb530e2c529bf7e99834
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/index.html?e=69&leftOffset=0&topOffset=0&c=DmDh6tSodU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 17:47:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38221
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4993
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:45:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 May 2022 17:47:22 GMT
L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js
pagead2.googlesyndication.com/bg/ Frame DB0B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f8d3f6f0573956f2ca42258225c517dace4ab3fe76997fc8cd0b940bbd982a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 23:24:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
18022
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13610
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 01 May 2023 23:24:01 GMT
inline-video-970x250_loading.png
s0.2mdn.net/sadbundle/6115741928127463424/DE/ Frame DD5F 		95 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/inline-video-970x250_loading.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/index.html?e=69&leftOffset=0&topOffset=0&c=DmDh6tSodU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:47:38 GMT
x-content-type-options
nosniff
age
477405
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 09:50:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Apr 2023 15:47:38 GMT
inline-video-970x250_static.png
s0.2mdn.net/sadbundle/6115741928127463424/DE/ Frame DD5F 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/inline-video-970x250_static.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa05e94fa7d06887bc2b98ab3748ea7db3825de7e41a437613f43a89158d9c0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6115741928127463424/DE/index.html?e=69&leftOffset=0&topOffset=0&c=DmDh6tSodU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:47:38 GMT
x-content-type-options
nosniff
age
477405
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32505
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 09:50:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Apr 2023 15:47:38 GMT
L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js
pagead2.googlesyndication.com/bg/ Frame DDD5 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f8d3f6f0573956f2ca42258225c517dace4ab3fe76997fc8cd0b940bbd982a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 23:24:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
18022
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13610
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 01 May 2023 23:24:01 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D9E7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssm-0_fIEY9INC9ssbB_338JEbnVQJBV6Jw2SAZXCLRmux2mnPVhxEae0Ziju5PKghErWpA9VGQHooh2XayILYvvc8cTerxVwfbv4XgjvS1F8mOtfA7PeyAPGxC&sai=AMfl-YSFGKFpWnK9bmozkpLaZtMZKWy30MvYQCD5ry94jotJEGY-iUnQ4SHP1qWwAeM_-O1Kwy53mhge9UHV_yrZBQ-4mq52OCmxeLkdnFCu6Ri5ixmjRBS_1FglJBXn_86z&sig=Cg0ArKJSzGlYNuIS2HAoEAE&cid=CAASKORoNLf8EGZaSZSaMDNZjPl-G3W4DqxVsDmAEpS2dvM38-q121mSGyI&id=lidar2&mcvt=1059&p=263,315,513,1285&mtos=1059,1059,1059,1059,1059&tos=1059,0,0,0,0&v=20220427&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1666007649&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651465460907&rpt=894&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 57A7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022042601&jk=2241689325901390&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js
pagead2.googlesyndication.com/bg/ Frame 5E9C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/L40_bwVzlW8spCJYIlxRfazkqz_naZf8jNC5QLvZgqM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f8d3f6f0573956f2ca42258225c517dace4ab3fe76997fc8cd0b940bbd982a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 23:24:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
18022
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13610
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 01 May 2023 23:24:01 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AE50 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvU71PDXTqW8ac7cUwFTesnihNkwMXZStJ-Oz4dLw8EH1KqHAtHi5841IRT6pEUwGBcLxg_bFkp08Zw9aTW2fTfj0t4F-SCiT0uYQQLhHABh_9D1_nmoYtwBE0q&sai=AMfl-YQkdO2uOVznmRhE4sEn1n83kW2WnQ4lqr1m8_9DV-_zphQue3Rgk2ZkjUxoIZ6nalkjjgErc47KZXw94mK46ab6UeT01wtzG81lnW4WMaghDBeYLs69niTCb_zX1_g&sig=Cg0ArKJSzArSVL8PLiH8EAE&cid=CAASJ-RoJHJQAkiXQpZchQ-3H2PbzaS5waDBfnKGiLfT2P46swRhu8HPaA&id=lidar2&mcvt=1076&p=1106,436,1196,1164&mtos=1076,1076,1076,1076,1076&tos=1076,0,0,0,0&v=20220427&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=173361388&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651465461011&rpt=977&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 040F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bl0ha9lxvYr35CIfu3wOXuIfgCAAAAAA4AeAEAg&bg=!_P-l_7vNAAZNIUvJbSE7ACkAdvg8WqxY3LNHQBkEFf89JgmsDYhAZHailFcne_3iKtc9ACTl4iEpIQIAAAJLUgAAAAloAQeZA0brk74G0kPZiNfarvmXismjyPp8sApoNuI8hmnGhhkaGUokAk5pFRZKFAV3pR6_75Bws0GEbZWudHiUJM3_7cJsW86vLK1AZuzuYHbN5m56iIKiQN0JR-TvJEImv_IcoPphLDkEgnXUqA6rD2tbdLYAxJz5YLffJc4hssWamdBWdQjpPbDslUsyU1XBF2wMmyySBvB5A3C1zHsJBpJoK3KYPsu2Kdea-kayrGbH1ZBjhtaVQHIMua__0SclhqyS3QbuEmJDo-WEky7JQXIRQO7ClsRkAwbmGWyQUU9BTJ1PF9N5e-0Hq5Xl9nn-elFcQoCMd1CKwh01wInDaeydrdTcxvBalzTrzpNYwSszF8k2jKz8FD5tTfxOA_f7D3dfGIGGFBKDhGmynueF6Ueqm4j4LAKJgXmraxZL0OtV-kPVTTV_S6APMbyK8gvOUi4L-gLPMmAZrIFZQkEcUC6CSxwFI-MbPsR5AFF9DDOiM9JSaGZZp5ItLhOrBjNoUjw2vyRC_RN0wa-l3wqfTHhdJ8v9YdCh2HtafNYoaONTPwAunnpmfXlow6ydQAGSzoB1UQdJV5jX3851ySevcC5wCYOjkijpLS5A_7G9dDdf5tMKjwQNxRtDCQG3zUL_dkYw9xyayWZV_MG9D5d-gKlrFmWyYhn0ryxebXcbxyv2jVwqwlM9FQYCkhwME1__LWGdSHEdoCd0QkmF4Dw2dFAsNc_fGzawrtK4uA_odCTDGSh7W2ZLfjCk77_dJ6Ni7VlemQrQUEGX717NlIQe26TtaXmVZ4Khuh12qW7ZQCSXemlZbj2_xzfS2rfnJjgzknUfeDIsPsT97UFjDk5MhTA3yFBH37RTA96u-75beBbAs2RX4S0PhszV9-h46WM7hf9nI_Qtir5TlFR5m5H6nfS62MquZhoDb2tJmuceBOsxwsRc3LL2GMocqo52tl77rvlzMRHARtIGdcMsmr-N7WWgdN3wV0HKjGShmNvISSzZOjRpOoTslSrgTy16iAIYORxDGOypirlQkNMbrJJ5p0X2PEg9aEi8dtKBogLKhDlr59NwpBwhFJopRIDpTCDJW80WMZkX-QpYeEQgEpoxjtmVFhqcgxnfHnoS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_exteid=ABAjH0hT5kiykVZoLaQPwhYg1HlW;dc_pubid=5;met=1;&timestamp=1651465463201;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
ade.googlesyndication.com/ddm/activity_ext/ Frame D9E7 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_exteid=ABAjH0hT5kiykVZoLaQPwhYg1HlW;dc_pubid=5;met=1;&timestamp=1651465463201;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7BEA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXB6z9lxvYtDQDdWalQfqzJXoCAAAAAA4AeAEAg&bg=!ISKlImbNAAZNIUvJbSE7ACkAdvg8WkhtQW0WPmoejhiP0YJPbpFtdha-JOJlJUaNRFZd8dFg_8IECQIAAAIhUgAAAAFoAQcKABG5w3CnV5Kln5oDzW5w4BkvuJkDPSkKvlcns6_9OuQubXAbUnDDNzuhTEqg1PwKzmi3LzsoZ4dZNkt6klvrhqnsgYjRtHvlrzDuOJqrgLw8RlgIYirhifKeS7im6aR0RoZLhGslYBWGePbsdz94JQk8bvURXDTDLRRXcLAIQufJceucFjBh71n2_-ZZq2SSia_zZz6cVcF0D07RPNVfgix379Wwz-6amk6OaFYvQkxAH6iGF9VPlX9Z9AketARMLTiO9JiPSuTAjMlLCvY47bkTqEw9e9aK_JPT_FqDkEPlbGYvx63zQSgdE-Mxbv5zAqYI8BotS8iBKQ7cbsJl1w2aiK861cGjejf1BJb9Sl3Yx1Cvjq4yy8pZOsu4zY6wm8_msyAKLkxt8jKey2Zj8ZLl8ITcTIj2dLD9V2LeHxWos2pHoLyGv0aM_3Wy7KSRxYFNIzKOQ3V_MyNNuwSKEvCRL-Ttw7ZHIk3k-cklk41m1CcCD5tdzTU_NqccwRejoAN-PH9tRMyIuc2_wwaVHYj4YHLmk6cwtGNdXrKDSZrxonF0PGCwj63zEDal6qg3mL9XOFb8gteCF4OJa5rZOggzdaLTg5TY_eEv1hIP1oEjwa6M7x93yfow4P1ELveXOsrpN0zDyEWx3m9TV7kQde9WsZ-lTx1ME_7NNGwk9d-Rv_Fr1mkamRQCg-ZfOn1xRIQE9CWtfvgTjzoWTSihaI2uYuApzi0GKlFsI6fNwJdN9OhO0aZWatYw5JHi4g1C95Z4xdTaYd-tV1oRCi4ojZdMs3xko3VPm-RD48y9Crtuadk4iVVg82ZS2c_huzNYtjyO-ZMWt9jfuNdU8_iQCICcMyG5yTNYHaHna92ICGtJSi_5iGAP_5f3eTznnUqFfhU_V3ZEai1NW1a7A2fgJnV3QJsBI153hKa6B2nE-A3AsZt_XmdxFRP-alA9E8otbrsd4We2TX5LPqI32AUdQRJxYy9it8f7nf9QpF1deFIPmW-HgnUwVICAQm3AKEc8RD0W7_NM7Sxw8_TSDImo_gR9sdmd4n3lrWYjMAvYiu2mgTLIgUk4FsxZxjw-JoTlM5cW3hJZhKXnwtQWO4wNqpHKfbiAZ9IRUedAReA4LrlmNTQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EAEB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeBAd9lxvYsnxDZijgAetvZTwAgAAAAA4AeAEAg&bg=!VlWlVRHNAAZNIUvJbSE7ACkAdvg8WtPT-O_otL4LzSwQAsdrBxH-Fxcixg_oU1qj4BS1A4YYxZgTQQIAAAJeUgAAAAloAQeZAyR5ZA4V-u7Hj5fGFUCE6C2UA6aOHEq8MzT1GRLySej8JTyg6HfqVqfKcubHAZE_zUikdrPrX6kxn42C_Scb9w8Bjy6TSpQ7Zo1tN1HPSGC9xVa_m9jT-2hS6Ke86Wv1w5ysrPr8Wo_XRwCz6I86lLzzP0CuCciThGB7BNrGbd0TaAq90MSV_L2vQGl6-g7CEPfy-C7DjnySgh3jIjjOH4q2mAHDRx8e7Wcq5Rt6GqrNL09Z94xDHPb7zBQNlVBtApoGMKi9hyji4NVpy3H7tk0sW2ZdnINGDuzaM1Ht3HrDHjfDRR48wo67Dy81Bk8G6tdnsW3zd3YsUjm0whsrtXDkUvYg8D7qGs2cSSO17rlzajHviIiWsuexNQ33sokGc8ijtM1_9HRJCXobgK2h7smp3VCx3m8saKg31-nqY7kuGFM6bSO5L-rS_QVraZn75zCLpk5siBOf4ouB1X-dt_gWzNc9RzWUkpJr-w1UEMvaEe5aJgfL0HP2o_CGAZ2DSQHGtIvMEzalEF8ucfcZNLYwpW4HUOWhK5zFEpuPU39AVprjGadCFNOjUd23oxDg_nXs85n6fsCnkmFZmkn7FCfqYhalWk5wBs-GKu5SEYhYXleKYhg64bzG-FJZ08zPd4hZ9Y439m9kJtCUJJZuTaSUgVYe3mIkzR_H23cjYc-zIm4BNuFC06XKeKj8PfzRj6MPoMrD9eq4gktM4z0cFw9aLzmA3aiAiXsdBieQhdbP46Ot8QmYst6mRTNn1RZN-ytUEo9a2Yj87VmNG1Nafc55j2R-sezEsJ_9GUBRpWSRX9mi32eSIYwWa6nJehRvc5WwSJXxJK8Et2ErJHD2pRT7tjsxH-ziEJYM3A9O4saH3Ch8jpWp2XFItZN4rwL-F6JPZ7mQ52KIikYlQxv_0JjHYvXDbfpgNm_rZ2zmwFh9VjJSWnpVtxa-zUU224sW79bZ6CJaBfXGLW-ibPpN41ObVvUn8vZy6nVf3Db8dG9YtonyC8ErPFRQFy0DsYI9LbSdjwVYGI9CpZwjf0ds0fleHI07m7dH3o5rfBXTDg4KaxgvFqk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 5E9C 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?zm1eoA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022042601&jk=2241689325901390&bg=!l5SllNDNAAZNIUvJbSE7ACkAdvg8WuZEsu-YKfKe9iEoYBrK7iuwIeSMRTrKoUwGOVYbeRJHB0AZgQIAAAC8UgAAAAJoAQeZAtgf0IiEtqa5egE9voUGT8ua6Fk-KqiQbISwWHnOF3oMjz02Xd29wD-F1CX-XJIy2l1ermJt6GEFCptrn6ojjw21nCBWFNG_CxQ7yup8x-RXgUq6x79BxSaLevNQMAviojDVkHGJEHHAzOnghdZW-qHKXYAIsomv7lTquyoa6T4P2Tfl3pwVv5hGMQoeLtvXJiJqKkbd42XFJtO6I6Ylzc4ocOMnWWw28eNd12B1p8tHw8e6R5IYmDA-eSOEsuHF1VGft2YAoC5dYbwD6ft3nt_MLwa2x7BvCT47cZTAFtS4_W_O-xvTw788kIFzggiNAi1_QlHLMf7Aq7wOsBpuMpjBzwigG_we5V_yHrjmVn39DA3RICyjRi4ToWLnNum8HpaMTo1_SrHHqRsIJXjCGT82aZmQYyqDGeeZWHerOMMum6vF9rWJBkyElbLv_1O2QqktNzAeNQAW1dTTj_CV-1Lg1WaFDJAc9arjejWxFRWDaD-Wm2YbIJKA021IOo_TZC090DiEPiGbiFSWa7zBYglISIuo74SI2FDr60sNeUN7GGJRwiLDhXWiPK4QRtt-5MpINtR-QqM-6pjTZmLxd6OhuNeKONos8jG0cNO_mcn55AgWu6jLM1RZGhRT_RIkSoKCXc1YzAUa7n40xBi17UFdjuNdNwzTZ4NK_a9R8uNrC9Mk-NdRX0qSdW3FDwbeFe0vSyCLOCGr9xjZtFnYQRpCmciaCWdHu2xASo3gVWD16AcZ_oEbEEhux8Z7ohz78heEGBNWzHisjwDUTZ9V7fhRYWkYPtqDgtR1Bql4cFNjx6HXXaKzM_xUbfbkPuz25DqJnRqf86vUERKYf6Fib-qdTjXzAlYxLh99J8VSyZyZ7qF68KCKg86NxXVkJRKj6P8IPyIm1bLd9VGCLjyESJFc4ycMOEqHIAroFS6brwiR4sWd_Fz-C5AJcl_jlFZS83ZvJuoH9gfVuA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fox13now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
event.png
tpsc-eu3.doubleverify.com/ Frame 4AAE 		0
319 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-eu3.doubleverify.com/event.png?impid=eb288f6db7aa4b968fafd9b57a9d43bb&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_atali=1&vdur=172&eoid=9&msrjs=2678&nav_pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&rmi=16&tltms=95&tetms=20&msltms=27&vltms=172&sei=289&vetms=93&engms=1&engisel=1&ttfurm=2313&cbust=1651465464331648
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2678.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:25 GMT
Vary
Origin
Access-Control-Allow-Origin
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
05/01/2022 04:24:25
35747479_20211020090433101_Forex_logo.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame 3073 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090433101_Forex_logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89b32d2c190d8bd0b1660601ca99800e162e6583dfd5dd2705ff0f718cdef485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=dHup4iPFus&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 13:00:15 GMT
x-content-type-options
nosniff
age
55450
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3374
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 16:04:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 May 2022 13:00:15 GMT
35747479_20220407041836625_FXUK-Tech_1.jpg
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame 3073 		414 KB
414 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20220407041836625_FXUK-Tech_1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a5bfea6ade5e6b317daa2f8e69a47a111ca31222a8736bd9b0b3dad5e90316d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=dHup4iPFus&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 11:15:37 GMT
x-content-type-options
nosniff
age
61728
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
423895
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 11:18:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 May 2022 11:15:37 GMT
35747479_20211020090550552_1x1-00000000.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame 3073 		68 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090550552_1x1-00000000.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=dHup4iPFus&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 13:00:19 GMT
x-content-type-options
nosniff
age
55446
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 16:05:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 May 2022 13:00:19 GMT
abt
capi-tier-1-us-east-2.connatix.com/tr/ Frame 9186 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/abt?v=160259
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.186.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-186-98.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 02 May 2022 04:24:24 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
2000248.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 5C69
Redirect Chain
  • https://sync.serverbid.com/ss/2000248.html
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=67281
Connection
Keep-Alive
Content-Length
4376
Content-Type
text/html
Date
Mon, 02 May 2022 04:24:25 GMT
Last-Modified
Thu, 31 Jan 2019 14:12:06 GMT
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1651465465.dop125.fr8.t,1651465465.cds209.fr8.shn,1651465465.dop125.fr8.t,1651465465.cds056.fr8.c
age
33
etag
"8ca299ba400101b6642362a2bceff771"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
tx000000000000000f78a78-00626f1229-18e680e2-nyc3a
x-rgw-object-type
Normal

Redirect headers

cache-control
no-cache
content-length
0
location
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
pd
u.openx.net/w/1.0/ Frame 7A1E 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 02 May 2022 04:24:25 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame AC80 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
85077
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 02 May 2022 04:24:25 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 17 Apr 2022 05:21:43 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 544051
X-Served-By
cache-lga21935-LGA, cache-fra19142-FRA
X-Timer
S1651465466.686908,VS0,VE0
pd
u.openx.net/w/1.0/ Frame 9C21 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 02 May 2022 04:24:25 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
eb2.3lift.com/ Frame 3CFE
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
f6db836305f7d72bcb0b4e30315242c3949b3dc58ad93d4edcd3d34f4437a0f8

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
456
content-type
text/html; charset=utf-8
date
Mon, 02 May 2022 04:24:25 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 02 May 2022 04:24:25 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
2000248.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame F929
Redirect Chain
  • https://sync.serverbid.com/ss/2000248.html
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=67281
Connection
Keep-Alive
Content-Length
4376
Content-Type
text/html
Date
Mon, 02 May 2022 04:24:25 GMT
Last-Modified
Thu, 31 Jan 2019 14:12:06 GMT
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1651465465.dop004.fr8.t,1651465465.cds098.fr8.shn,1651465465.dop004.fr8.t,1651465465.cds056.fr8.c
age
33
etag
"8ca299ba400101b6642362a2bceff771"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
tx000000000000000f78a78-00626f1229-18e680e2-nyc3a
x-rgw-object-type
Normal

Redirect headers

cache-control
no-cache
content-length
0
location
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
async_usersync.html
acdn.adnxs.com/dmp/ Frame B81C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
85077
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 02 May 2022 04:24:25 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 17 Apr 2022 05:21:43 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 546228
X-Served-By
cache-lga21935-LGA, cache-fra19134-FRA
X-Timer
S1651465466.687092,VS0,VE0
/
ssc-cms.33across.com/ps/ Frame 938C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bgZdFqByur67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP002 /
Resource Hash

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 02 May 2022 04:24:26 GMT
server
33XP002
x-33x-status
2000208
sync
eb2.3lift.com/ Frame 6013
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
88119b3895cf2917892ae6733dcac17dbf6d03a6310128da71fb0b6e13e071c0

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
454
content-type
text/html; charset=utf-8
date
Mon, 02 May 2022 04:24:25 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 02 May 2022 04:24:25 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.html
eus.rubiconproject.com/ Frame 90F6 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 02 May 2022 04:24:25 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame B511
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=Ym9c_QAYz_k7IAAy
  • https://usersync.gumgum.com/usersync?b=atm&i=Ym9c_QAYz_k7IAAy&gdpr=1&gdpr_consent=&_test=Ym9c_QAYz_k7IAAy
35 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Ym9c_QAYz_k7IAAy&gdpr=1&gdpr_consent=&_test=Ym9c_QAYz_k7IAAy
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.196.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-196-42.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.fox13now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif
date
Mon, 02 May 2022 04:24:25 GMT
expires
0
pragma
no-cache
server
envoy
x-envoy-upstream-service-time
0
x-region
ireland

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 02 May 2022 04:24:25 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Ym9c_QAYz_k7IAAy&gdpr=1&gdpr_consent=&_test=Ym9c_QAYz_k7IAAy
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra19135-FRA
x-timer
S1651465466.823399,VS0,VE0
generic
match.adsrvr.org/track/cmf/ Frame 3CFE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 3CFE
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM3Mjk0MTU1NzM4MTY3MDYxOTE5Nw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM3Mjk0MTU1NzM4MTY3MDYxOTE5Nw%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM3Mjk0MTU1NzM4MTY3MDYxOTE5Nw%3D%3D
date
Mon, 02 May 2022 04:24:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 3CFE 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3CFE
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM3Mjk0MTU1NzM4MTY3MDYxOTE5Nw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM3Mjk0MTU1NzM4MTY3MDYxOTE5Nw%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM3Mjk0MTU1NzM4MTY3MDYxOTE5Nw%3D%3D
date
Mon, 02 May 2022 04:24:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 3CFE 		0
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4311888684089713943982&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:25 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: E89C3A8E02684BE08BD222F324D1D476 Ref B: FRAEDGE1306 Ref C: 2022-05-02T04:24:25Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXd/8Ry/BpSPCPFoHCz7Q==
xuid
eb2.3lift.com/ Frame 3CFE
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4311888684089713943982?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-mWW8fyNE2oTvU1_niVxk42AKX5YpX3IeG.f0x6zT6w--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-mWW8fyNE2oTvU1_niVxk42AKX5YpX3IeG.f0x6zT6w--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 02 May 2022 04:24:25 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-mWW8fyNE2oTvU1_niVxk42AKX5YpX3IeG.f0x6zT6w--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame 3CFE 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=4311888684089713943982&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.12.233 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-233.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 04:24:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame 3CFE 		42 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=4311888684089713943982&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:25 GMT
etag
"8120eaf0ff3ad81:0"
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2ADBBA284B3C453E9D95BFCE5C49B6B6 Ref B: FRAEDGE1208 Ref C: 2022-05-02T04:24:25Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 3CFE
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4311888684089713943982
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4311888684089713943982&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4311888684089713943982&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
3PHT7EY4VFFBHHD79D93
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4311888684089713943982&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 3CFE
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Mon, 02 May 2022 04:24:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame 6013 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 6013
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM3Mjk0MTU1NzM4MTY3MDYxOTE5Nw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM3Mjk0MTU1NzM4MTY3MDYxOTE5Nw%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM3Mjk0MTU1NzM4MTY3MDYxOTE5Nw%3D%3D
date
Mon, 02 May 2022 04:24:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 6013 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6013
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM3Mjk0MTU1NzM4MTY3MDYxOTE5Nw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM3Mjk0MTU1NzM4MTY3MDYxOTE5Nw%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM3Mjk0MTU1NzM4MTY3MDYxOTE5Nw%3D%3D
date
Mon, 02 May 2022 04:24:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 6013 		0
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2372941557381670619197&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:25 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: B5D62DC11315408299D69E3C7078E5E6 Ref B: FRAEDGE1306 Ref C: 2022-05-02T04:24:25Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXd/8Ry2U7ilAyE/tvOkA==
xuid
eb2.3lift.com/ Frame 6013
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2372941557381670619197?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-eltfhHNE2oSnUcZ8wrNItDVW.qfxNhbeeQPP2ffBfg--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-eltfhHNE2oSnUcZ8wrNItDVW.qfxNhbeeQPP2ffBfg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 02 May 2022 04:24:25 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-eltfhHNE2oSnUcZ8wrNItDVW.qfxNhbeeQPP2ffBfg--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame 6013 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=2372941557381670619197&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.12.233 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-233.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 04:24:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame 6013 		42 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2372941557381670619197&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:25 GMT
etag
"8120eaf0ff3ad81:0"
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2539BB67431B4AEEAAEF9141A649F0DA Ref B: FRAEDGE1208 Ref C: 2022-05-02T04:24:25Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 6013
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2372941557381670619197
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2372941557381670619197&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2372941557381670619197&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
DQ5QRY7WJVB10898VK9B
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2372941557381670619197&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 6013
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Mon, 02 May 2022 04:24:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
usync.js
eus.rubiconproject.com/ Frame 90F6 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9373556c315280b756fbe5e357153b8b34d73c3da1a92367a1018561912d4a3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 04:24:25 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=79835
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9542
Expires
Tue, 03 May 2022 02:35:00 GMT
async_usersync
ib.adnxs.com/ Frame AC80 		0
740 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:25 GMT
X-Proxy-Origin
37.58.58.246; 37.58.58.246; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7a210eae-1805-430e-a9d8-b56a940b1e08
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame B81C 		0
740 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:25 GMT
X-Proxy-Origin
37.58.58.246; 37.58.58.246; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3f875fc9-cdbb-45f2-a30e-942bbe7e4bb2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 90F6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=CSGIP6qkTESndtFRxKR0FQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=CSGIP6qkTESndtFRxKR0FQ
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=CSGIP6qkTESndtFRxKR0FQ
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CY3EB7AXQR9BWERFDF2A
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=CSGIP6qkTESndtFRxKR0FQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 90F6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
px.ads.linkedin.com/ Frame 90F6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L2O7W8GK-1V-22HO
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L2O7W8GK-1V-22HO
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:25 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 7822F2F5DA2445A3BDCECE39B40E67E2 Ref B: FRAEDGE1306 Ref C: 2022-05-02T04:24:25Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXd/8R12nSSIRhqC3BwCA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L2O7W8GK-1V-22HO
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame 90F6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L2O7W8GK-1V-22HO&sigv=1&esig=2~f1b9be71474d3109568217ec0527e803e43c7c51
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L2O7W8GK-1V-22HO&sigv=1&esig=2~f1b9be71474d3109568217ec0527e803e43c7c51
Protocol
H2
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:26 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L2O7W8GK-1V-22HO&sigv=1&esig=2~f1b9be71474d3109568217ec0527e803e43c7c51
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 90F6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKWr0j1WzGZzLecnil1UFrg&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKWr0j1WzGZzLecnil1UFrg&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKWr0j1WzGZzLecnil1UFrg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 90F6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJPN1c4R0stMVYtMjJITw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJPN1c4R0stMVYtMjJITw==
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJPN1c4R0stMVYtMjJITw==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 90F6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 90F6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjYyMTVkMDAzODZmZTgwOGZmM2RiZWE3ODZlOWRiYTNmYjczNjM1Yg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjYyMTVkMDAzODZmZTgwOGZmM2RiZWE3ODZlOWRiYTNmYjczNjM1Yg
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjYyMTVkMDAzODZmZTgwOGZmM2RiZWE3ODZlOWRiYTNmYjczNjM1Yg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usync.html
eus.rubiconproject.com/ Frame 51C2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 02 May 2022 04:24:26 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 02 May 2022 04:24:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AA0B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=92961
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 02 May 2022 04:24:26 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 03 May 2022 06:13:47 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 448D 		995 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
31186804
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
506
Content-Type
text/html
Date
Mon, 02 May 2022 04:24:26 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
Server
nginx/1.13.10
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
11367, 29136
X-Served-By
cache-lga21975-LGA, cache-fra19134-FRA
X-Timer
S1651465466.039984,VS0,VE0
prebid
rtb.openx.net/sync/ Frame 5C69 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:25 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
934udkpia8227v72j3ortvvbqa3odh69
i.gif
e.serverbid.com/udb/9969/sync/ Frame 5C69
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=849652762157515448
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=849652762157515448
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:26 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:26 GMT
X-Proxy-Origin
37.58.58.246; 37.58.58.246; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b503e3fd-275e-425d-8ec5-b4db0864a981
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=849652762157515448
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 5C69
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://pixel.advertising.com/ups/56621/occ?verify=true
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPc023d64f-c9cf-11ec-bd34-02087eb080fc
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPc023d64f-c9cf-11ec-bd34-02087eb080fc
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPc023d64f-c9cf-11ec-bd34-02087eb080fc
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:25 GMT
content-length
0

Redirect headers

location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPc023d64f-c9cf-11ec-bd34-02087eb080fc
date
Mon, 02 May 2022 04:24:26 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
i.gif
e.serverbid.com/udb/9969/sync/ Frame 5C69
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=Ym9c9hkFj-qPLj-uiMyvHgAA%261150
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=Ym9c9hkFj-qPLj-uiMyvHgAA%261150
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:26 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=Ym9c9hkFj-qPLj-uiMyvHgAA%261150
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
282
Expires
Mon, 02 May 2022 04:24:26 GMT
pixel
ap.lijit.com/ Frame 5C69 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 02 May 2022 04:24:26 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
usa
sync.go.sonobi.com/ Frame 5C69 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:26 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ue1-sb1-8da5aafb-c93f-438a-8856-7f8d35454ce9
p.adsymptotic.com/d/px/ Frame 5C69
Redirect Chain
  • https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.8102903506927719%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid=
  • https://p.adsymptotic.com/d/px/ue1-sb1-8da5aafb-c93f-438a-8856-7f8d35454ce9
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/ue1-sb1-8da5aafb-c93f-438a-8856-7f8d35454ce9
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
104.18.102.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

location
https://p.adsymptotic.com/d/px/ue1-sb1-8da5aafb-c93f-438a-8856-7f8d35454ce9
cache-control
no-cache
content-length
0
prebid
rtb.openx.net/sync/ Frame F929 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:25 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
jsldjkfhacr5l8gvtj5n8id8n1squ050
i.gif
e.serverbid.com/udb/9969/sync/ Frame F929
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=849652762157515448
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=849652762157515448
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:26 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:26 GMT
X-Proxy-Origin
37.58.58.246; 37.58.58.246; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e54c6566-7bdf-49a7-afc4-db2f7ecbb0c8
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=849652762157515448
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame F929
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://pixel.advertising.com/ups/56621/occ?verify=true
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPc023d64f-c9cf-11ec-bd34-02087eb080fc
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPc023d64f-c9cf-11ec-bd34-02087eb080fc
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPc023d64f-c9cf-11ec-bd34-02087eb080fc
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:26 GMT
content-length
0

Redirect headers

location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPc023d64f-c9cf-11ec-bd34-02087eb080fc
date
Mon, 02 May 2022 04:24:26 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
i.gif
e.serverbid.com/udb/9969/sync/ Frame F929
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=Ym9c9hkFj-qPLj-uiMyvHgAA%261150
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=Ym9c9hkFj-qPLj-uiMyvHgAA%261150
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:26 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=Ym9c9hkFj-qPLj-uiMyvHgAA%261150
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
282
Expires
Mon, 02 May 2022 04:24:26 GMT
pixel
ap.lijit.com/ Frame F929 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 02 May 2022 04:24:26 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
usa
sync.go.sonobi.com/ Frame F929 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:26 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 5DEC
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 02 May 2022 04:24:26 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 02 May 2022 04:24:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C8A8 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=92961
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 02 May 2022 04:24:26 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 03 May 2022 06:13:47 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame CF84 		995 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
31186804
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
506
Content-Type
text/html
Date
Mon, 02 May 2022 04:24:26 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
Server
nginx/1.13.10
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
11367, 29137
X-Served-By
cache-lga21975-LGA, cache-fra19134-FRA
X-Timer
S1651465466.050960,VS0,VE0
ue1-sb1-8da5aafb-c93f-438a-8856-7f8d35454ce9
p.adsymptotic.com/d/px/ Frame F929
Redirect Chain
  • https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.8869185467752052%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid=
  • https://p.adsymptotic.com/d/px/ue1-sb1-8da5aafb-c93f-438a-8856-7f8d35454ce9
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/ue1-sb1-8da5aafb-c93f-438a-8856-7f8d35454ce9
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
104.18.102.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

location
https://p.adsymptotic.com/d/px/ue1-sb1-8da5aafb-c93f-438a-8856-7f8d35454ce9
cache-control
no-cache
content-length
0
usync.js
eus.rubiconproject.com/ Frame 51C2 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9373556c315280b756fbe5e357153b8b34d73c3da1a92367a1018561912d4a3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 04:24:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=79834
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9542
Expires
Tue, 03 May 2022 02:35:00 GMT
event.png
tpsc-eu3.doubleverify.com/ Frame 4AAE 		0
319 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-eu3.doubleverify.com/event.png?impid=eb288f6db7aa4b968fafd9b57a9d43bb&gdpr=&gdpr_consent=&msrcanlm=904&msrcannum=3&eoid=11&ismms=61&isumms=60&isvelg=1&nvr=6&elmtp=1&isbxdms=2361&b0=100&b11=2414&adhgt=250&adwdth=970&norwdth=970&norhgt=250&engisel=1&vsos=13&dvp_vsosnmr=16&lftb=2514&sftb=2514&msrdp=3&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=970&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1123&isuiabvms=1123&ispmxpms=1123&iscvmvms=1961&engalms=59&engscrlms=194&dvp_pageEng=true&dvp_dpr=1&cbust=1651465465356826
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2678.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:26 GMT
Vary
Origin
Access-Control-Allow-Origin
https://a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
05/01/2022 04:24:26
usync.js
eus.rubiconproject.com/ Frame 5DEC 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9373556c315280b756fbe5e357153b8b34d73c3da1a92367a1018561912d4a3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 04:24:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=79834
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9542
Expires
Tue, 03 May 2022 02:35:00 GMT
async_usersync
secure.adnxs.com/ Frame 448D 		0
740 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:26 GMT
X-Proxy-Origin
37.58.58.246; 37.58.58.246; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3ad017dc-49ba-4712-bdd9-01188cacbb38
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
secure.adnxs.com/ Frame CF84 		0
740 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:26 GMT
X-Proxy-Origin
37.58.58.246; 37.58.58.246; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c14dd999-256b-4b6b-97d0-549af66086d7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 51C2 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17632&khaos=L2O7W8GK-1V-22HO
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
ace9692b4e77bdf741ff63add80edaca
Content-Type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame AA0B 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=28089457&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
f09c98528c2f78b7794aeb77c89baed5a9b1839e657bc2656658a063fdbd9439

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:26 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame AC80 		0
740 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:26 GMT
X-Proxy-Origin
37.58.58.246; 37.58.58.246; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5f462118-8a79-4b19-ba69-470019250301
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame B81C 		0
740 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:26 GMT
X-Proxy-Origin
37.58.58.246; 37.58.58.246; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b0b5e022-5a8c-4e54-a42a-d03f7280fd76
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
35747479_20211020090433101_Forex_logo.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame 3073 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090433101_Forex_logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89b32d2c190d8bd0b1660601ca99800e162e6583dfd5dd2705ff0f718cdef485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=dHup4iPFus&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 13:00:15 GMT
x-content-type-options
nosniff
age
55452
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3374
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 16:04:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 May 2022 13:00:15 GMT
35747479_20220407041836625_FXUK-Tech_1.jpg
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame 3073 		414 KB
414 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20220407041836625_FXUK-Tech_1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a5bfea6ade5e6b317daa2f8e69a47a111ca31222a8736bd9b0b3dad5e90316d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=dHup4iPFus&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 11:15:37 GMT
x-content-type-options
nosniff
age
61730
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
423895
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 11:18:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 May 2022 11:15:37 GMT
35747479_20211020090550552_1x1-00000000.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame 3073 		68 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090550552_1x1-00000000.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=dHup4iPFus&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 13:00:19 GMT
x-content-type-options
nosniff
age
55448
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 16:05:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 May 2022 13:00:19 GMT
st
capi-tier-1-us-east-2.connatix.com/tr/ Frame 9186 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/st?v=160259
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.186.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-186-98.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 02 May 2022 04:24:26 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.fox13now.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
match
c1.adform.net/serving/cookie/ Frame 2486
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 02 May 2022 04:24:28 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 02 May 2022 04:24:27 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 6694
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ym9c_QAYz_k7IAAy&gdpr=0&gdpr_consent=
1 B
546 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ym9c_QAYz_k7IAAy&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 02 May 2022 04:24:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
lhrpug001:0:478

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 02 May 2022 04:24:27 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ym9c_QAYz_k7IAAy&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra19135-FRA
x-timer
S1651465468.863030,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame E55D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4258626f-5cfc-4400-a1ea-03b44ace646e&gdpr=0&gdpr_consent=
42 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4258626f-5cfc-4400-a1ea-03b44ace646e&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 02 May 2022 04:24:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
lhrpug030:0:597

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 02 May 2022 04:24:28 GMT
Expires
Mon, 02 May 2022 04:24:27 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4335 2c68c00 master ord-pixel-x5 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4258626f-5cfc-4400-a1ea-03b44ace646e&gdpr=0&gdpr_consent=
adx
match.prod.bidr.io/cookie-sync/ Frame F902
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCS0drN0Uzcm9BQURzMm1aN2JrUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.200.111 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
43
Date
Mon, 02 May 2022 04:24:28 GMT
Server
nginx
cache-control
no-cache, must-revalidate
content-type
image/gif
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
355
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 04:24:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync.aspx
dis.criteo.com/dis/ Frame 56C2 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 04:24:27 GMT
expires
Mon, 02 May 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
680448
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
bridge
cm.adgrx.com/ Frame A736 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.179 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 02 May 2022 04:24:28 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
ams-delivery-7
server
Cowboy
141
match.deepintent.com/usersync/ Frame 3D1F 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 02 May 2022 04:24:27 GMT
server
c
Pug
simage2.pubmatic.com/AdServer/ Frame 268D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Fidn7SkuSxtSvuZwHVPEBiU6OvY
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Fidn7SkuSxtSvuZwHVPEBiU6OvY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 02 May 2022 04:24:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
lhrpug008:0:366

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Mon, 02 May 2022 04:24:28 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Fidn7SkuSxtSvuZwHVPEBiU6OvY
i.match
s.tribalfusion.com/z/ Frame 24DA
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
423 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:230b -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
704dfcc8d9469042-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 02 May 2022 04:24:28 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
704dfcc66eaf9042-FRA
content-type
text/html
date
Mon, 02 May 2022 04:24:28 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
14321
Pug
simage2.pubmatic.com/AdServer/ Frame 21A4
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0XBMYQJd1NLnBN5&gdpr=0&gdpr_consent=
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0XBMYQJd1NLnBN5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 02 May 2022 04:24:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
lhrpug002:0:551

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 02 May 2022 04:24:27 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0XBMYQJd1NLnBN5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0ae965e2f8a6b4310@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 34DC
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=6df921bd-3799-492a-a25b-7f8cee8bdc04&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A
42 B
353 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.177.106 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
42
content-type
image/gif
date
Mon, 02 May 2022 04:24:28 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 02 May 2022 04:24:28 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
lhrpug029:0:412
Pug
simage2.pubmatic.com/AdServer/ Frame 180E
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=666827565845
42 B
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=666827565845
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 02 May 2022 04:24:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
lhrpug003:0:442

Redirect headers

access-control-allow-origin
*
content-length
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=666827565845
Pug
simage2.pubmatic.com/AdServer/ Frame A535
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1651465467942
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 02 May 2022 04:24:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
lhrpug007:0:373

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 02 May 2022 04:24:27 GMT
etag
OPTOUT
expires
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
pragma
no-cache
server
Tengine
noop
px.owneriq.net/ Frame 676B
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.91.221 -, , ASN (),
Reverse DNS
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 02 May 2022 04:24:27 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 02 May 2022 04:24:27 GMT
Location
https://px.owneriq.net/noop?ct=image%2Fgif
Server
AkamaiGHost
i.gif
e.serverbid.com/udb/9969/sync/ Frame 2309 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 02 May 2022 04:24:27 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AA0B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4OnbnacqQ5u2nPPwwO2rCg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:27 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=92960
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Tue, 03 May 2022 06:13:47 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
420486.gif
idsync.rlcdn.com/ Frame AA0B 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/420486.gif?partner_uid=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame AA0B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d5ea626f-5cfc-4500-bce8-a05959c513e2
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d5ea626f-5cfc-4500-bce8-a05959c513e2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 02 May 2022 04:24:28 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x56 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d5ea626f-5cfc-4500-bce8-a05959c513e2
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 02 May 2022 04:24:27 GMT
Pug
image2.pubmatic.com/AdServer/ Frame AA0B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTBFOURCOUQtQTcyQS00MzlCLUI2OUMtRjNGMEMwRURBQjBB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:386
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame AA0B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIRIRjR9iuppK56Im3rx7EM&google_cver=1
42 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIRIRjR9iuppK56Im3rx7EM&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug029:0:378
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIRIRjR9iuppK56Im3rx7EM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame AA0B 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.184 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:27 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 01 May 2022 04:24:27 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AA0B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4103765030608565843&gdpr=0&gdpr_consent=&us_privacy=
1 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4103765030608565843&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug026:0:419
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4103765030608565843&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 02 May 2022 04:24:27 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
generic
match.adsrvr.org/track/cmf/ Frame AA0B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame AA0B 		43 B
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:11a:a397:8c8e:9db5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:27 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame AA0B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1HSvhftE2uUtujet5N8IK8RgyhVYrm0-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1HSvhftE2uUtujet5N8IK8RgyhVYrm0-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1HSvhftE2uUtujet5N8IK8RgyhVYrm0-~A&gdpr=0&gdpr_consent=
date
Mon, 02 May 2022 04:24:27 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
pubmatic-match.dotomi.com/match/bounce/ Frame AA0B 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:28 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame AA0B
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=c1905e94-c9cf-11ec-999f-fd224d246e20&gdpr=0&gdpr_consent=
1 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=c1905e94-c9cf-11ec-999f-fd224d246e20&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:388
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=c1905e94-c9cf-11ec-999f-fd224d246e20&gdpr=0&gdpr_consent=
Date
Mon, 02 May 2022 04:24:28 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
c1905e95-c9cf-11ec-999f-fd224d246e20
Pug
image2.pubmatic.com/AdServer/ Frame AA0B
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=v6TCvrz1krqk88Ds7aDZ7733lu2kpMe-6qNnOh3R
42 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=v6TCvrz1krqk88Ds7aDZ7733lu2kpMe-6qNnOh3R
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:376
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=v6TCvrz1krqk88Ds7aDZ7733lu2kpMe-6qNnOh3R
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame AA0B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=849652762157515448&gdpr=0&gdpr_consent=
42 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=849652762157515448&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:506
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:27 GMT
X-Proxy-Origin
37.58.58.246; 37.58.58.246; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e58e378f-c9ec-4c8d-ab63-9434e441e19a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=849652762157515448&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AA0B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=4eb98a78-f1ac-47b0-ab62-ab41f34ef3ae&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=075a5684-9ade-45fe-af23-00441f6805d5&gdpr=&gdpr_consent=&gdpr_pd=
1 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=075a5684-9ade-45fe-af23-00441f6805d5&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:350
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=075a5684-9ade-45fe-af23-00441f6805d5&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 02 May 2022 04:24:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame AA0B 		0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.220.218 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:28 GMT
content-length
0
content-type
text/plain
sn.ashx
pmp.mxptint.net/ Frame AA0B
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D531_EF39E735_6C77B5F3&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
HTTP/1.1
Server
38.67.14.233 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-334452268; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:28 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-334452268; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Mon, 02 May 2022 04:24:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:442
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame AA0B 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 -, , ASN (),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:28 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AA0B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2757220421956868072
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2757220421956868072
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug024:0:383
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:28 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2757220421956868072
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame AA0B
Redirect Chain
  • https://sync.resetdigital.co:10001/csync/pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000AB6F0A3D75
42 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000AB6F0A3D75
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug022:0:453
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 02 May 2022 04:24:39 GMT
Server
nginx/1.18.0 (Ubuntu)
Front-End-Https
on
Content-Type
text/html
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000AB6F0A3D75
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame C8A8 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=59947281&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c36817da0dbf2533ba7892aa3aa946f059f6724bb1f9f0197720dd78e32e28b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:27 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
35747479_20211020090433101_Forex_logo.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame 3073 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090433101_Forex_logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89b32d2c190d8bd0b1660601ca99800e162e6583dfd5dd2705ff0f718cdef485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=dHup4iPFus&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 13:00:15 GMT
x-content-type-options
nosniff
age
55454
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3374
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 16:04:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 May 2022 13:00:15 GMT
35747479_20220407041836625_FXUK-Tech_1.jpg
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame 3073 		414 KB
414 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20220407041836625_FXUK-Tech_1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a5bfea6ade5e6b317daa2f8e69a47a111ca31222a8736bd9b0b3dad5e90316d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=dHup4iPFus&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 11:15:37 GMT
x-content-type-options
nosniff
age
61732
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
423895
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 11:18:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 May 2022 11:15:37 GMT
35747479_20211020090550552_1x1-00000000.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame 3073 		68 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090550552_1x1-00000000.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=dHup4iPFus&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 13:00:19 GMT
x-content-type-options
nosniff
age
55450
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 16:05:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 May 2022 13:00:19 GMT
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 07F0
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=0d69f59d-c626-4e23-a8f9-27472c545ae9-tuct968e27d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=0d69f59d-c626-4e23-a8f9-27472c545ae9-tuct968e27d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Mon, 02 May 2022 04:24:29 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19140-FRA
x-timer
S1651465469.314549,VS0,VE9

Redirect headers

accept-ranges
bytes
content-length
0
date
Mon, 02 May 2022 04:24:29 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=0d69f59d-c626-4e23-a8f9-27472c545ae9-tuct968e27d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19173-FRA
x-timer
S1651465469.274831,VS0,VE9
x-vcl-time-ms
9
usersync
match.bnmla.com/ Frame 1BC1 		0
0
pubmatic
gocm.c.appier.net/ Frame 0DB7 		0
0
pub
matching.truffle.bid/sync/ Frame 50A7 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 93E8
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
89 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 02 May 2022 04:24:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
lhrpug008:2:346

Redirect headers

content-length
0
date
Mon, 02 May 2022 04:24:29 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
server
_
cookiesync
core.iprom.net/ Frame 220D 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 02 May 2022 04:24:29 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-f186cf4f301b@version_1.419
X-core-time
0ms
X-server-arch
v2
15
mweb.ck.inmobi.com/sync/ Frame A89C 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6426
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:07EF5973657A47F18676EC61408A95CB
1 B
164 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:07EF5973657A47F18676EC61408A95CB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 02 May 2022 04:24:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
lhrpug022:0:472

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
138
content-type
text/html
date
Mon, 02 May 2022 04:24:29 GMT
expires
Sun, 01 May 2022 04:24:29 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:07EF5973657A47F18676EC61408A95CB
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
i.gif
e.serverbid.com/udb/9969/sync/ Frame 8AA3 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 02 May 2022 04:24:29 GMT
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=7f0d5f135946cc0a/gdpr=1/ Frame C8A8
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=7f0d5f135946cc0a/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
0
0
Artemis
aud.pubmatic.com/AdServer/ Frame C8A8
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A&addseg=19,36,42
0
0
info
uipglob.semasio.net/pubmatic/1/ Frame C8A8 		0
0
g.pixel
aa.agkn.com/adscores/ Frame C8A8 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.134.175.161 -, , ASN (),
Reverse DNS
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:29 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame C8A8
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=849652762157515448
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=849652762157515448
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:29 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:528
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 02 May 2022 04:24:29 GMT
X-Proxy-Origin
37.58.58.246; 37.58.58.246; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7410ebb1-7aa7-42a5-9781-06f2d396e7b8
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=849652762157515448
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C8A8
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:0c80e606-3fab-4346-9c38-2c2aaa56109a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:0c80e606-3fab-4346-9c38-2c2aaa56109a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 04:24:29 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug028:0:348
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:0c80e606-3fab-4346-9c38-2c2aaa56109a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 02 May 2022 04:24:29 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
d1ba4609
rtb.gumgum.com/getuid/ Frame C8A8 		35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-98.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:24:29 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
match.bnmla.com
URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Domain
gocm.c.appier.net
URL
https://gocm.c.appier.net/pubmatic
Domain
matching.truffle.bid
URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Domain
mweb.ck.inmobi.com
URL
https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
Domain
sync.crwdcntrl.net
URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=7f0d5f135946cc0a/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Domain
aud.pubmatic.com
URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A&addseg=19,36,42
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A&sInitiator=external&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| ScrippsAdLib string| daysSincePublished string| datePublished object| publishedTime object| modifiedTime function| getCookie object| gtmObj string| callLetters string| jsTags string| jsPublishDate string| jsUpdateDate string| jsIsBreaking string| jsIsAlert string| jsAuthors string| jsHasVideo string| jsSection string| jsPageType string| jsDisablePrerollAds string| jsDisableDisplayAds string| jsDisableInlineVideoAds string| jsFname object| dataLayer function| x00_0x1f86 function| x00_0x7e8a object| _Scanner function| onReady object| OneTrustStub function| OptanonWrapper object| ddls object| adsOnPage boolean| IS_CMS object| _disable object| AdDebugger object| ScrippsUtils object| StickyRightRail object| sUserHub object| AdTargetingParams object| DynamicTargetingParams object| ScrippsOutstreamPlayer object| ScrippsAdsLib object| ImageLazyLoad object| googletag object| apstag object| advBidxc object| pbjs object| ScrippsAdUtils function| _getCurrentAdInfo function| fbAsyncInit function| ready function| loadChartbeat object| UA function| cnxps string| contentType undefined| define function| ReconnectingWebSocket object| ScrippsUserHub object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| HeaderSM object| FB boolean| apstagLOADED object| google_tag_manager function| _typeof object| PARSELY function| pbjsChunk object| _pbjsGlobals object| google_tag_data string| GoogleAnalyticsObject function| ga object| _comscore string| jsWxTemp string| jsWxCond object| ggeac object| google_js_reporting_queue object| __ctcg_65349_0_exec object| cnx_usr_storage function| udm_ object| ns_p object| COMSCORE object| gaplugins object| gaGlobal object| gaData undefined| google_measure_js_timing object| _ScrippsAdLib string| jsInitialBreakpoint object| TRUE_ANTHEM object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins number| google_global_correlator object| google_image_requests object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| ampInaboxIframes object| ampInaboxPendingMessages object| closure_lm_720138 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms function| cnxAddEventListener

45 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQzN6MmIgwCgoIgQIQzN6MmIgwCgoI4gEQzN6MmIgwCgoI5gEQzN6MmIgwCgoIhwIQzN6MmIgwCgkICRDM3oyYiDAKCQg6EMzejJiIMAoJCAsQzN6MmIgwCgoIjAIQzN6MmIgwCgkIXxDM3oyYiDA=
www.fox13now.com/ Name: mnet_session_depth
Value: 1%7C1651465458824
.fox13now.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth%22%2C%22sref%22:%22%22%2C%22sts%22:1651465458848%2C%22slts%22:0}
.fox13now.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=b5ae44d7198de1b79b451a9fbdcd0885%22%2C%22session_count%22:1%2C%22last_session_ts%22:1651465458848}
.scorecardresearch.com/ Name: UID
Value: 1D8fd4f64b2cd660d3acf431651465459
.fox13now.com/ Name: _ga
Value: GA1.2.1053014728.1651465459
.fox13now.com/ Name: _gid
Value: GA1.2.862584216.1651465459
.fox13now.com/ Name: _dc_gtm_UA-27022641-1
Value: 1
.fox13now.com/ Name: _dc_gtm_UA-29479748-9
Value: 1
.fox13now.com/ Name: _dc_gtm_UA-40066851-1
Value: 1
.adnxs.com/ Name: icu
Value: ChgIxIZ3EAoYASABKAEw9Lm9kwY4AUABSAEQ9Lm9kwYYAA..
.adnxs.com/ Name: uuid2
Value: 849652762157515448
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: SfolTs1ZIlM84W2T_Mq8iA6vcLYe7zszB-w5hwjsqULHjuvVSf9g9axLhKRU_NF3OjayRiIKcE-vIajS1hPOyNksLPPEPOmXlOOTPqsrP1c
.rubiconproject.com/ Name: khaos
Value: L2O7W8GK-1V-22HO
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB122Io5O8M2B7JGe4Ni1ThWK2euPP2lVg20RTcz8e+19aV4SjGj2jhUv3x9nf74OVJjzOjwT/dn4eBxGCOXoSK1La0KTFi9hDCma+WVcS1g3g==
.gumgum.com/ Name: vst
Value: e_27919dee-ae40-4c3b-885e-178118bb53f0
e.serverbid.com/ Name: azk
Value: ue1-sb1-8da5aafb-c93f-438a-8856-7f8d35454ce9
.doubleclick.net/ Name: IDE
Value: AHWqTUnyI17L6nkbFCs_i3MNoHni0LzhzuduQ3VIWH9Udm2bk1lJIk8KyEHtDl21xgI
.fox13now.com/ Name: __gads
Value: ID=49bb245419aa8e38-2204267787cd0035:T=1651465460:S=ALNI_MZwF906SqXlXanjAqBS4eUErc4e7A
.casalemedia.com/ Name: CMID
Value: Ym9c9hkFj-qPLj-uiMyvHgAA
.casalemedia.com/ Name: CMPS
Value: 3195
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In7t@5ck!]tbPl1M>e)ZlrFUfJ+tGXxoH_I`B2a9mPz]3b*=J/oa8HqCqS`dXEGLVL0p3If)y3KL9D3I?+tBWhe0
.casalemedia.com/ Name: CMPRO
Value: 1150
.casalemedia.com/ Name: CMRUM3
Value: 2d626f5cf62760CAESENKM8WR2VaICYw9pmsbWvZo
.3lift.com/ Name: tluid
Value: 2372941557381670619197
.bing.com/ Name: MUID
Value: 171F9F3AECCF6D0E09E18EA2ED1D6CD0
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Ym9c_QAYz_k7IAAy
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: lidc
Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2366:u=1:x=1:i=1651465465:t=1651551865:v=2:sig=AQHGBq2XGBsOsAlA6JDJ5b_RVJHxd_Tg"
.linkedin.com/ Name: bcookie
Value: "v=2&6c855e43-8466-4026-8867-b7b9b1497566"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTE0NjU0NjU7MjswMjFSQuvR3zyGfAYF5Sgn2iOuDA+fWz3EJfueex7WvIm5ZA==
.yahoo.com/ Name: A3
Value: d=AQABBPlcb2ICEBiNh9Z96_EKkpjuxlmzmCMFEgEBAQGucGJ5YgAAAAAA_eMAAA&S=AQAAAhoIkurvDI_bCSpgB9JnHvA
.advertising.com/ Name: APID
Value: UPc023d64f-c9cf-11ec-bd34-02087eb080fc
.casalemedia.com/ Name: CMST
Value: Ym9c9mJvXPoA
.analytics.yahoo.com/ Name: IDSYNC
Value: 17ot~24ng
.ads.pubmatic.com/ Name: KCCH
Value: YES
.amazon-adsystem.com/ Name: ad-id
Value: A1NhRSQBz0voiO2V3a-FnHQ
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.pubmatic.com/ Name: KADUSERCOOKIE
Value: E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156319:2
.pubmatic.com/ Name: DPSync3
Value: 1652659200%3A201_197%7C1652054400%3A164%7C1651536000%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1652659200%3A165_55_5_99_54_7_176_71_104_178_48_220_21_166_56_22_231_13_3_233_240_8%7C1652054400%3A2_38_15_223%7C1652313600%3A63%7C1654041600%3A224%7C1651881600%3A216%7C1652745600%3A35

7 Console Messages

Source Level URL
Text
network error URL: https://cdn.cookielaw.org/consent/000000/000000.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.fox13now.com/weather/school-closings-delays?_renderer=json
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://p.adsymptotic.com/d/px/ue1-sb1-8da5aafb-c93f-438a-8856-7f8d35454ce9
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://p.adsymptotic.com/d/px/ue1-sb1-8da5aafb-c93f-438a-8856-7f8d35454ce9
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://idsync.rlcdn.com/420486.gif?partner_uid=E0E9DB9D-A72A-439B-B69C-F3F0C0EDAB0A
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
a8c862da40448ec7c2611671ecd983ed.safeframe.googlesyndication.com
aa.agkn.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.avct.cloud
ads.playground.xyz
ads.pubmatic.com
ads.rubiconproject.com
ads.yahoo.com
adservice.google.com
adservice.google.de
analyticssystems.net
ap.lijit.com
api.ewscloud.com
assets.scrippsdigital.com
aswpsdkus.com
aud.pubmatic.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
capi-tier-1-us-east-2.connatix.com
capi.connatix.com
cd.connatix.com
cdn.ampproject.org
cdn.cookielaw.org
cdn.doubleverify.com
cdn.parsely.com
cds.connatix.com
cheqzone.b-cdn.net
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
core.iprom.net
csync.loopme.me
d3plfjw9uod7ab.cloudfront.net
dis.criteo.com
dsum-sec.casalemedia.com
e.serverbid.com
eb2.3lift.com
eus.rubiconproject.com
ewscripps-d.openx.net
ewscripps.brightspotcdn.com
fastlane.rubiconproject.com
g2.gumgum.com
gcdn.2mdn.net
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hblg.media.net
hbx.media.net
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.outbrainimg.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
lit.connatix.com
log.outbrainimg.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
mcdp-nydc1.outbrain.com
mv.outbrain.com
mweb.ck.inmobi.com
ob.cheqzone.com
obs.cheqzone.com
odb.outbrain.com
p.adsymptotic.com
p.typekit.net
p1.parsely.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
r4---sn-4g5ednsr.c.2mdn.net
rtb.adentifi.com
rtb.gumgum.com
rtb.openx.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
simage2.pubmatic.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
static.ewscloud.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.resetdigital.co
sync.serverbid.com
sync.srv.stackadapt.com
sync.teads.tv
tcheck.outbrainimg.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-eu3.doubleverify.com
trc.taboola.com
tru.am
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
use.typekit.net
usersync.gumgum.com
vid.connatix.com
web.hb.ad.cpe.dotomi.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.fox13now.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
aud.pubmatic.com
gocm.c.appier.net
match.bnmla.com
matching.truffle.bid
mweb.ck.inmobi.com
sync.crwdcntrl.net
uipglob.semasio.net
104.102.28.254
104.102.29.173
104.102.29.65
104.18.102.194
104.89.20.125
104.89.28.165
104.92.74.8
104.92.91.221
107.22.220.218
108.157.4.15
13.35.254.19
13.35.254.32
13.35.255.237
134.209.131.220
142.250.186.34
142.250.186.66
143.204.201.102
143.204.201.53
143.204.98.32
151.101.1.108
151.101.14.132
151.101.193.44
151.101.2.137
151.101.66.137
151.101.66.49
154.59.122.79
167.172.1.14
169.50.137.184
172.217.23.98
178.162.133.149
178.250.2.151
178.62.202.251
18.134.175.161
18.156.0.31
18.159.9.226
18.185.12.233
18.196.104.163
18.204.146.207
18.220.186.98
185.33.221.13
185.64.190.80
185.93.2.243
195.5.165.20
198.47.127.20
2.22.32.24
2.22.34.3
2001:678:cb4:bbbb::11
205.185.216.10
213.19.147.45
216.200.232.253
216.58.212.130
216.58.212.166
23.35.228.23
23.88.75.187
2600:1f18:e8a:cd02:882c:d916:bae1:7722
2600:9000:214f:4a00:13:a391:88c0:21
2600:9000:2240:5800:10:618e:d880:93a1
2602:803:c004:200::141
2606:4700:20::681a:274
2606:4700:3032::ac43:cb69
2606:4700:4400::6812:230b
2606:4700::6810:9540
2620:116:800d:21:36a9:ecb:e518:b308
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:801::200a
2a00:1450:4001:802::2001
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:827::2006
2a00:1450:4001:828::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9d
2a00:1450:401e:28::9
2a02:26f0:3500:58b::4469
2a02:26f0:f7::5c7b:e01c
2a02:26f0:f7::5c7b:e031
2a02:fa8:8806:13::1370
2a02:fa8:8806:16::1460
2a03:2880:f01c:8012:face:b00c:0:3
2a04:4e42::300
2a05:d018:d29:3601:11a:a397:8c8e:9db5
2a06:98c1:3120::7
34.102.253.54
34.149.12.213
34.149.20.76
34.98.64.218
35.158.166.215
35.158.60.56
35.186.253.211
35.227.208.151
35.244.174.68
37.157.4.41
38.67.14.233
38.91.45.7
45.35.192.162
50.31.142.31
52.17.196.42
52.206.177.106
52.210.200.111
52.222.210.175
52.223.40.198
52.28.203.152
52.46.154.242
54.144.144.142
54.229.167.98
54.229.65.185
54.237.148.231
66.155.71.150
67.202.105.21
69.173.144.139
69.173.144.165
70.42.32.95
72.251.245.179
72.251.249.14
76.223.111.18
8.28.7.81
8.43.72.97
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
072d7ba782da0ed49d7ae5d604f0460fac40ad6291fa5971b34e3fe16c301887
0a5bfea6ade5e6b317daa2f8e69a47a111ca31222a8736bd9b0b3dad5e90316d
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ff18e021c3d1a587eb9a6eab9d7299931b572849e07bb530e2c529bf7e99834
10cb35a5786ba742e0e5e91c22f42ae9cafa7acdfcab479053cfa8ed8b39adf0
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12d38a62d57d835c37a23b14446c3b6c7491632b1055d4a0933e57bca481daa8
1385a4f55db1166435032cd0c1d542629ccc77f520fb0d3702e1d2da2f514a24
186107a77994bfc7f110a690564751f65d1fa1557832dcf0c06ea39deae84ba6
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566
1b100b2e9f3016d39e6f5fc04026380518f730433d1261e6dbb8f6f673c27cb1
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c931ae642374fc24e1a9fd1ad7afd70464ed74cb51295c7a13e060061b56478
1da4e7292411fa7401ad333d28c2e5bd20dbe89f3ba0428d57d44c48879293f0
1e07e272734d4232d604835b00dfb9847c36a95e2fb6a01458590618e2bbcc77
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
221a6c8fc872fe0de88e13402b05762eeabdf5413f84b910fd2a140b617d9c14
237ed89a7afdd93a9f322ad0540e9dfcb51b4cb6eb244e207c0ee70491a60880
238dfcbeb3dd279902bd259ecaa4b77574935c645ebf1fdd9279a493dbd71e6d
25d0c59546c0281367022c7c6c7dfd3bf1eabad3cdb1e08cd75f634e6ad935ff
267f343ae9cde809d68b8aae3a9107e9bd51b364a34a64506b185a2c55429dca
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a79e90edbe846d09a8e7b14eade333cfb73e19980f78ca2102a9b6958329860
2b5a8378fa4a6696a5b7131e18fd83403e68fd878cb6d3642d6c9ff36d3ac711
2bcbc2fead65db06dc805d3ec92e0f95cc32e4d82c1d7f9e2d4bd5ffc7b35984
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2d03c3af1415a2c7c676eff7f7db18d7c6066efd5a0f822af66eb0f50f574c37
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e68182cbf39bb919bdad91b9b6ce0ec97bbdab36b2b80e27e0a1b2c74af7a47
2ea4d73c56a292df467ee9e88a8cc18a2374049abe26e079b40770ea5b776339
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
2f8d3f6f0573956f2ca42258225c517dace4ab3fe76997fc8cd0b940bbd982a3
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3355f01920a159f6305c3be65ca696066f3a065effee7511127322f462431773
33b26336ede2d6ae7c70e84e4d4590f1c78b2be2d2eec6b31e6188baf81eeec6
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
39591255932f196d4b5853cda79c9f3033ce6aaacadfca2f72b118055256fc1d
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3c36817da0dbf2533ba7892aa3aa946f059f6724bb1f9f0197720dd78e32e28b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f43dc8206d29c644ee28bc5d82e97f0b26f99cb78a41b00a272edf17324bbff
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fe84e7a5f9b5272d06042ebb7cb8cec692bcdb1c822632ac89f557dc1f2bde8
40a6fde90e5fa4d7aac669a50ca1efd481e15e6672586fb51f636fbcccf26a04
40a9471254e3bb59e130481d6a08ea7875e524bd7830954249d27abc000787b5
424de83322606030781e5c28fefd1d17ffc7dbaa7364733237e98b4c4f67506e
43700b9800ddc7b26ee1bf46a878b942908a720bd48a1809163d3a26de2944c8
44184c16fd72e51859e402906cfc8eb5cc13161916b42cf46e416bc9e3fe9850
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b88a304d6162d0e7bc1ea1c3b8c9e9f6b6751002a6d58b6a7bb2c4dd383dea8
4d35f133632d83c45a5662e955d2b2a4e9c67a26957850587afe441820f74dd5
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5343d295e7697987c6607001f3bb6d9bf54cfc6db5a77dce8b27dc5e9870066e
53f42d8773220c4a4e090c0238f131cf911055b50bac69a3a27cfb93f69b7a1a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
556ea8be84a3bba47fb218fefab370e8f0dd0e3887728c38e1565e77e559c812
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30
5607ad5eec2c8207f27a8e873fe408b52156a2542a842529004ad1d2826b8a52
580961a03df02992e3246b5d618f1935a41715df91cb96686456842b0fc102e4
595374b4287ac35757c51ffb0e544392397afbc8f4eecc7f6f97a6bcb3b6c18d
5a9f94a1b476ecb1845930cfea4bf1f1a5de0f88e9de559903b85de649b13556
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5d8f24de649d274c051960845b51a0407362d6b4c80de23985e648d3378708f5
619aaafb1c570a4bb0542241623b60269d09d6aa0b22c322cb44be57aa3bbb99
61b2100a8748346132ab227b5cbb6710c66aa8ed5c6caf241e1d85e7bcc049bf
61b97e3c5a9341f70c36bb1252aa7a33de3a7b111493f9d6b6ae69e8961fd5ad
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64a94f78d192f4e0e01778e754d28016ec297484a803a7cb3fb4791ba396dca6
65b64c49a86c754ec08d9c80c41cd0ce46edd45294ef43939ab8fdffa71652ea
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
719f6aa7d7f905477e49f6a29ee23b1b8b5eda6c06866954fd6e3325093401d1
727f93b09ab81ccfabda8af76bbd53e3e99a3eafce122b52fac24f9e13872e33
72a7a0d4b19c66ac5b0ae819887642a014278247272493f74a927455631c1120
745fb1b07588682e3b5501bc0539dc4e851ca6378bfb982f7959b6ad60bcb4ce
774d6a8896ca4dfa0b713bf2bcdeef001fad90a318b69f3127b8224563fbe5ce
79290a43cd25f6bde616627554c38fd10fbb40e2f9ce41d23b37db5e872b71b1
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7cc637a0fd8996f09c0e204a08483bc316297894a3b5bc916e556c39ffe64308
7dc606be4585fb0adfc94553e94388529c8e1edccc0524f76472c11704bb1f7d
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d
8154aa9057e3367d9d3e4bb1f85db9645c01fc0690091aadc57dbae849ba3499
819e5ed6193610d1204aa6ffd591e31a4a6bf3f263d416f8e1a11dabe45f1364
81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
874cc1315f35963fb2488576f0c83489e22edfe22f6ce355e7e87e65063bbf7c
88119b3895cf2917892ae6733dcac17dbf6d03a6310128da71fb0b6e13e071c0
894bd4636346f9710907258043cf9936f4fcb1cf7d36bde7c1100351aae5ba96
89b32d2c190d8bd0b1660601ca99800e162e6583dfd5dd2705ff0f718cdef485
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b9d1bca8c323d5b5374882731c304332a8bb2dc31d792a8e9a27ee62458c8a5
8c2e57ee78275394cc22c5bc39c852100b1c175be33dd6ab22f37dba264cb39d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dbc3f1a033b6733e96a5af1bc89d6f8ab68a5d533dcad72d56bd019e3b5b6b5
8fe183489de72525abe6b8f3bbb947df24bc4de92c6b0b6b7c30f699b973c66c
91c17b9b5b17fbabfde4f12eda5537cce8f4c97a61a27721de3e9c655d1100dd
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9373556c315280b756fbe5e357153b8b34d73c3da1a92367a1018561912d4a3a
95315e06b54cb2cfc27f5f6954aa84ce0b312847df13886dda70b897f5ca38b8
978e500ed9886e0569440405c1bd5c6dcedcc3565fe2a60542bbc84061ba2774
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a30e461353fcbf4358bb4d8e94a183209c286d8c93747e7b32018c7e8fc02c0f
a36a4a338cfca22743c0df9c563d7636176a0f16acaa49e13e930f7d0a8948ef
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a558335dfd3ca88e1263100d94d582d5764b65c9c4c6e7749ca0607ac29b60bd
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a78eee44a33280cae70b7fade38a0ea36d2d3c34252c8fffe9e5d91aaf463a0c
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
ae76f7c904609050f586b35df791282f793f9c78684dabda17ebbe959f220fa2
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
af3a455c098c1703f5e7ae972edd1dcf3b908a1de446d452eceed9d809c70d7f
b047e312dbbff7235fbfd3ae334d7a6d0b8fe625a58c8dfa5b04d3af72998555
b0f6d37e4c8520f774611d5fffc3381c2f6e9129b9dd4397345930a54bde199f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14463d5ba2d89151d1e1c0913eae5f190f4b64703726e682d43d1ac2b97edde
b4096925f34c85d0c0e934ad77c44165dcd66fecc354c153784d246f00911da5
b4ea417d25ba03b67108c17eae4ba812f6fd99993818b43dc1b6486c8f34ce2e
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbc303150996575a6b7e0b472780241c2b91c7f45e4701fc43747598ef010e83
bd6cafb0d9f0509d461f9b8845027ecb7f5385ee273346f5f44efd2b328afdb3
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
be4deb2c83d3ff2724dc61220eab6ef1dd66f40f862bbbbd5529c0b20f884f9f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c500edeb1c43fdd3612981462f0add5bbe11e440b7d7456c09506aa592f6826a
c679c5e725893da0461190852bcb25fe023b9d01cb188622e711a89424159510
c6aaa39f85432536526872be4100326cba1b18d6f91a52374992e1abd1f8b630
c71774c5b321419b21ef3a5fa4b236b8dc190abd6d38b568604d2ba9d7c2b3e9
c94e7ca74c434a5f5246ace4bf8cfc6132d933e4f3d3bfd6bd8c12b9043600db
c958e138d98ce05b52fb81d8db9fa139eb77d82d1702ab6e42c3fb4314030993
ca4fd5efb0d1a70284709d6dde51a8477a28115b5c8a453aafcaf394bd1b5fbf
ce88889c221cd40c7c61bae947f82bf5208f3abea0ef0d2a5bc5d3e0cc262b0d
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
cf3cbea9de55648fc6c12b862749fedb8effc064646fa9554ea5c62209bc8c18
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d08019d740a977b51645ff931dcce8de0fb4fc53864a5274d026adce3799101e
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d13435a48b794b66ebaada6ee378b52822f77c1fd83f3ab71643c2332106e8dc
d1f9c5c64d175a8bc389afa09401c72262f33961d56241d00902c2a397eac4e7
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d46651a0642c39afc570af89ad0b4373250d4002c05e92282aab4b289c4771d8
d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5
d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42
d9df2d7dc53654d1a0d153355fba415f8fcd6fcb35e3dbb79c634110dfaaed8d
da697e4a5654c750168d62ba00fded8a38fd33ac179d8223fbfba9b35175eff1
dcce300d9cf428fe68fd05d1a49e0d21bbec990b8c19cd832bebbe5d0b05a6ef
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dcfd7936a2e8014ddeb492dce621f62dc4eeeb642d55f11ab8a16f40566cb316
e23e620ddaea9768515c1266f390c26a55f6e894520ae0b6e85fdf86a9e6f07b
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa
eb3e750c6fab3976f69f16b4f398de3d44e8fb7d596235c25a28df5ddacf48f7
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f027d6553533e963630b1d0992d5ca83562645cbb955de496b40c41eddd1978e
f095e9c4a8303e2660456b4124313560ffd05695ad601c84107146c500d27f71
f09c98528c2f78b7794aeb77c89baed5a9b1839e657bc2656658a063fdbd9439
f0f18a3c3952280b727ecdf5f62fb2b4754367e287f06e9b3b586f2c07146754
f22008a87de9f5460bbf1451182d062a76f43b5d4f3e5c5f826004210e0872f7
f5699a9f1ae7a130fcd36591551ae1443606804654acae67173e1c9dda43848b
f6db836305f7d72bcb0b4e30315242c3949b3dc58ad93d4edcd3d34f4437a0f8
f98ff6e868322d921598d85ca463a8e321c35c55f9177d17ddea0982976c41f1
fa05e94fa7d06887bc2b98ab3748ea7db3825de7e41a437613f43a89158d9c0b
fdcb74f626ef8f1059c0e3bd503017b8fdda4a54afcc26a4da734f5fd5c7a87a
fe59a74bf4a9e82756ae62f3b39cd0706fe67f3ccd18e3e0a7c15aad45dc71d5